2.0.X-2.10.X(Deprecated)

AWS S3 Target Permissions

Permissions required to add S3 as a target to T4K

Deprecated Documentation

This document is deprecated and no longer supported. For accurate, up-to-date information, please refer to the documentation for the latest version of Trilio.

# AWS S3 Target Permissions

To add AWS S3 (object storage) as a Target within T4K, users need specific access permissions on the bucket.

  • Implementation Step

    1. Create the following Policy in AWS

      • Note: replace bucketname with name of the s3 bucket name

      {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket",
                "s3:PutObject",
                "s3:GetObject",
                "s3:DeleteObject"
            ],
            "Resource": [
                "arn:aws:s3:::bucketname",
                "arn:aws:s3:::bucketname/*"
            ]
        },
        {
            "Effect": "Deny",
            "NotAction": "s3:*",
            "NotResource": [
                "arn:aws:s3:::bucketname",
                "arn:aws:s3:::bucketname/*"
            ]
        }
    ]
}

    2. Attach policy to a user and collect the Access key ID ,Secret access key which the user has to provide while adding an AWS target.

    3. Optional: In case an AWS policy has been attached to a bucket then the bucket policy should be as follows:

      • Note: Alice is user in root account 111122223333

      {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
            "AWS": [
                    "arn:aws:iam::111122223333:user/Alice",
            ]
            },
            "Action": [                        
                "s3:ListBucket",
                "s3:PutObject",
                "s3:GetObject",
                "s3:DeleteObject"
               ],
            "Resource": [
                "arn:aws:s3:::my_bucket",
                "arn:aws:s3:::my_bucket/*"
            ]
        }
    ]
}
PreviousT4K Pod/Job CapabilitiesNextResource Requirements and Limits

Last updated