0

I want to make a Video On Demand service using AWS S3, and I would like to restrict each of my clients to his own bucket/folder (whichever schema is best). I want a client to have access only to his bucket/folder, but these people are not going to have an AWS account.

I have read, and am still reading, about IAM users, roles and policies, but I have not found anything pointing to what I want to achieve.

Kostas Demiris

1 Answer

1

If you know the IP address (or CIDR blocks) of each client, you can then restrict your bucket with a policy.

http://blogs.aws.amazon.com/security/post/TxPOJBY6FE360K/IAM-policies-and-Bucket-Policies-and-ACLs-Oh-My-Controlling-Access-to-S3-Resourc

http://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html

Alternatively, you could just set up IAM accounts for them within your own account, and scope their access accordingly. That would let them use a very limited form of the AWS Console. You can even write your IAM policies so that users automatically have access to something like:

s3://your-bucket/%username%/
Neal Magee
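
The per-user prefix idea from the answer above, as an added example that is not part of the original answer: it builds an IAM policy using the `${aws:username}` policy variable and checks locally which object keys the resolved policy would cover. The bucket name, usernames and keys are constructed, read-only access is an assumption, and the matcher is a local illustration rather than IAM's own evaluator.

```python
import json
from fnmatch import fnmatchcase

def per_user_prefix_policy(bucket):
    """IAM policy confining each IAM user to s3://<bucket>/<their username>/."""
    home = "${aws:username}/"  # policy variable; the trailing slash is deliberate
    return {
        "Version": "2012-10-17",  # policy variables require this version
        "Statement": [
            {   # listing is allowed only beneath the caller's own prefix
                "Sid": "ListOwnPrefixOnly",
                "Effect": "Allow",
                "Action": "s3:ListBucket",
                "Resource": f"arn:aws:s3:::{bucket}",
                "Condition": {"StringLike": {"s3:prefix": [home + "*"]}},
            },
            {   # read-only object access (assumption: clients only stream)
                "Sid": "ReadOwnObjectsOnly",
                "Effect": "Allow",
                "Action": "s3:GetObject",
                "Resource": f"arn:aws:s3:::{bucket}/{home}*",
            },
        ],
    }

def resolve_for(policy, username):
    """Expand ${aws:username} for one user. Local illustration, not IAM's evaluator."""
    return json.loads(json.dumps(policy).replace("${aws:username}", username))

def object_allowed(policy, bucket, username, key):
    """Would s3:GetObject on `key` match an Allow resource for this user?"""
    arn = f"arn:aws:s3:::{bucket}/{key}"
    for stmt in resolve_for(policy, username)["Statement"]:
        if stmt["Effect"] == "Allow" and stmt["Action"] == "s3:GetObject":
            if fnmatchcase(arn, stmt["Resource"]):
                return True
    return False  # IAM denies by default when nothing allows the request

if __name__ == "__main__":
    policy = per_user_prefix_policy("your-bucket")
    print(json.dumps(policy, indent=2))
    # Constructed usernames and keys
    for key in ("alice/movie.mp4", "alice2/movie.mp4", "bob/movie.mp4"):
        print(key, object_allowed(policy, "your-bucket", "alice", key))
```

The trailing slash after the variable is what keeps user `alice` out of a sibling prefix such as `alice2/`.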