When using Cyberduck to access S3, and a account has restrictive policies, you may find error Listing Directory: /
failed.
If you have restrictive IAM Policies in your account, this may be due to the fact that S3:ListMyBuckets
is not allowed.
In this post we want to allow a user to list all buckets, so that Cyberduck can do the initial list after configuration / launch, and we would like to give the user access to their designated bucket.
Creating the IAM Policy:
We will create this IAM Policy and associate the policy to the user’s account:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 |
|
So here we should be able to list the buckets:
1 2 3 4 5 6 |
|
Able to list inside the bucket, as well as Get, Put etc.
1 2 |
|
Unable to list the buckets content which is expected, as we did not mention in the policy:
1 2 3 |
|