We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Web Application Firewall

IAM Policy

  • Last updated on

AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources for your users. You can use IAM to create a group, a user or a role and associate a policy with the set of privileges/permissions to access your AWS resources.  For more information, refer to the Overview of IAM Policies article in the AWS documentation.

 The IAM role name specified in the stack should have the following permissions:

  • s3:PutObject
  • s3:PutObjectAcl
  • s3:GetObject
  • s3:DeleteObject

As an example, here is an IAM role with the permissions to the S3 bucket.

{ "Version": "2012-10-17", "Statement": [ { "Action": [ "s3:ListBucket" ], "Resource": "arn:aws:s3:::waf-license-bucket", "Effect": "Allow" }, { "Action": [ "s3:ListBucket" ], "Resource": "arn:aws:s3:::waf-bootstrap-bucket", "Effect": "Allow" }, { "Action": [ "s3:ListBucket" ], "Resource": "arn:aws:s3:::waf-cluster-bucket", "Effect": "Allow" }, { "Action": [ "s3:ListBucket" ], "Resource": "arn:aws:s3:::qa-waf-bc", "Effect": "Allow" }, { "Action": [ "s3:PutObject", "s3:PutObjectAcl", "s3:GetObject", "s3:DeleteObject" ], "Resource": "arn:aws:s3:::waf-license-bucket/*", "Effect": "Allow" }, { "Action": [ "s3:PutObject", "s3:PutObjectAcl", "s3:GetObject", "s3:DeleteObject" ], "Resource": "arn:aws:s3:::waf-bootstrap-bucket/*", "Effect": "Allow" }, { "Action": [ "s3:PutObject", "s3:PutObjectAcl", "s3:GetObject", "s3:DeleteObject" ], "Resource": "arn:aws:s3:::waf-cluster-bucket/*", "Effect": "Allow" }, { "Action": [ "s3:PutObject", "s3:PutObjectAcl", "s3:GetObject", "s3:DeleteObject" ], "Resource": "arn:aws:s3:::qa-waf-bc/*", "Effect": "Allow" } ] }

 

 

Last updated on