18 lines
527 B
Bash
18 lines
527 B
Bash
|
#!/bin/bash
|
||
|
|
||
|
# For simplicity we align bucketname with username.
|
||
|
#
|
||
|
# Purpose of this script is to give a user only the necessary rights to
|
||
|
# manipulate a specific bucket.
|
||
|
#
|
||
|
# See policy.json file for details about the policy.
|
||
|
#
|
||
|
BUCKETNAME=$1
|
||
|
USERNAME=$BUCKETNAME
|
||
|
|
||
|
USER_ARN=$(aws iam get-user --user-name $USERNAME --query "User.Arn" --output text)
|
||
|
|
||
|
CONFIGURED_POLICY=$(sed "s~IAM_USER_ID~$USER_ARN~" policy.json | sed "s/BUCKETNAME/$BUCKETNAME/")
|
||
|
|
||
|
aws s3api put-bucket-policy --bucket $BUCKETNAME --policy "$CONFIGURED_POLICY"
|