{
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:ListAllMyBuckets"
],
"Resource": "arn:aws:s3:::*"
}
]
}
This means they can see all the buckets that exist on your account but can't actually see then contents of them without getting some policies applied on specific buckets.
This all comes about from the way Cyberduck does it's initial login to Amazon S3.
Update: If you just connect directly to the bucket using it's bucket name as part of the hostname (eg www.example.com.s3.amazonaws.com), you don't need to grant this permission but you do get an SSL issue.
No comments:
Post a Comment