17 lines
527 B
Bash
Executable file
17 lines
527 B
Bash
Executable file
#!/bin/bash
|
|
|
|
# For simplicity we align bucketname with username.
|
|
#
|
|
# Purpose of this script is to give a user only the necessary rights to
|
|
# manipulate a specific bucket.
|
|
#
|
|
# See policy.json file for details about the policy.
|
|
#
|
|
BUCKETNAME=$1
|
|
USERNAME=$BUCKETNAME
|
|
|
|
USER_ARN=$(aws iam get-user --user-name $USERNAME --query "User.Arn" --output text)
|
|
|
|
CONFIGURED_POLICY=$(sed "s~IAM_USER_ID~$USER_ARN~" policy.json | sed "s/BUCKETNAME/$BUCKETNAME/")
|
|
|
|
aws s3api put-bucket-policy --bucket $BUCKETNAME --policy "$CONFIGURED_POLICY"
|