How to Give a User Access to Only One S3 Bucket

Sometimes we need to create a user who has access to only one bucket. In that situation, we first create an IAM policy and then assign that policy to the user. AWS provides a policy generator that you can use to generate the IAM policy.

First, log in to your AWS account and go to the IAM section. Screenshot given.

Once you are in IAM, go to Policies. Screenshot given.

Next, click the button to create a policy. After that, click the JSON tab. Screenshot given below.

Here, we need to enter the JSON policy. You can write the JSON policy by hand, or you can use the policy generator to create a new policy. The link is given below. https://awspolicygen.s3.amazonaws.com/policygen.html

To generate the policy from the policy generator, choose these settings.

Next, you need to copy the bucket ARN, which I have shown below.

Next, paste the ARN in the policy generator and then generate the policy.

When you have added those statements, click the generate policy button. It will give you the policy in JSON format. Copy the JSON and paste it into the IAM policy page. An example policy is given below. Note that it contains two statements: one for the bucket ARN itself and one for the objects inside the bucket (the ARN ending in /*).

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1604128321525",
      "Action": "s3:*",
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::awswithatiqoct30"
    },
    {
      "Sid": "Stmt1604128495367",
      "Action": "s3:*",
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::awswithatiqoct30/*"
    }
  ]
}
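Before pasting a generated policy into IAM, it is worth checking that every Allow really is confined to the one bucket. The following check is an added example, not part of the original article or of any AWS tool; the function names and finding codes are made up for illustration. It also flags "s3:*", because on the bucket ARN that wildcard includes bucket-administration actions such as s3:DeleteBucket and s3:PutBucketPolicy.

```python
import json

# The policy from the article, embedded so the check runs offline.
ARTICLE_POLICY = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "Stmt1604128321525", "Action": "s3:*", "Effect": "Allow",
     "Resource": "arn:aws:s3:::awswithatiqoct30"},
    {"Sid": "Stmt1604128495367", "Action": "s3:*", "Effect": "Allow",
     "Resource": "arn:aws:s3:::awswithatiqoct30/*"}
  ]
}""")

def as_list(value):
    """IAM allows a single value or a list for Statement/Action/Resource."""
    return value if isinstance(value, list) else [value]

def audit_single_bucket_policy(policy, bucket):
    """Return (code, sid, detail) findings for the Allow statements in `policy`."""
    bucket_arn = f"arn:aws:s3:::{bucket}"
    findings, covered = [], set()
    for stmt in as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", "<no Sid>")
        if "NotResource" in stmt or "NotAction" in stmt:
            findings.append(("inverted-match", sid, "NotResource/NotAction in an Allow"))
        for res in as_list(stmt.get("Resource", [])):
            if res == bucket_arn:
                covered.add("bucket")    # bucket-level actions, e.g. s3:ListBucket
            elif res.startswith(bucket_arn + "/"):
                covered.add("objects")   # object-level actions, e.g. s3:GetObject
            else:
                # Catches "*", other buckets, and prefix wildcards like "<bucket>*"
                findings.append(("out-of-scope-resource", sid, res))
        for action in as_list(stmt.get("Action", [])):
            if action in ("*", "s3:*"):
                # Wildcard also grants s3:DeleteBucket, s3:PutBucketPolicy, etc.
                findings.append(("broad-action", sid, action))
    for part in ("bucket", "objects"):
        if part not in covered:
            findings.append(("missing-resource", "-", f"no Allow on {part} ARN"))
    return findings

if __name__ == "__main__":
    for finding in audit_single_bucket_policy(ARTICLE_POLICY, "awswithatiqoct30"):
        print(finding)
```

For the article's policy the check reports no out-of-scope resources, only the two "s3:*" wildcards; replacing them with the specific actions the user needs (for example s3:ListBucket on the bucket ARN and s3:GetObject and s3:PutObject on the object ARN) clears those findings.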

Next, go to the IAM policies section again, paste the policy, and click review. This takes you to the next page, where you need to give the policy a name. After that, you will be shown a summary page; if everything is OK, click the next button to create the IAM policy.

Now that you have created the policy, you need to assign it to a user. A screenshot of how you can do that is given below.

Once you assign the policy to that user, the user has access to only that bucket in S3. I have added a video as well to illustrate the whole process, which might help you do it all by yourself.

Conclusion

IAM is an essential part of AWS. Using IAM, you can create custom policies to give any user any specific access. In this example, I have shown how you can create one simple IAM policy to give a user access to a single bucket only. It’s a good example that illustrates the power of IAM custom policies, and it should give you an idea of what you can do with IAM policies in the future.

Atiqur Rahman

I am MD. Atiqur Rahman. I graduated from BUET and am an AWS-certified solutions architect. I have successfully achieved 6 certifications from AWS, including Cloud Practitioner, Solutions Architect, SysOps Administrator, and Developer Associate. I have more than 8 years of working experience as a DevOps engineer designing complex SaaS applications.
