2025-11-22
2 new actions, 1 new condition | 3 updated resources, 4 updated actions
Additions
Actions
-
GetBucketAbac
-
Description:
Grants permission to retrieve ABAC configuration for a general purpose bucket
-
Access:
Read
-
Resources:
Name: bucket
Required: Yes
-
Conditions:
s3:authType
s3:ResourceAccount
s3:signatureAge
s3:signatureversion
s3:TlsVersion
s3:x-amz-content-sha256
-
PutBucketAbac
-
Description:
Grants permission to set ABAC configuration for a general purpose bucket
-
Access:
Write
-
Resources:
Name: bucket
Required: Yes
-
Conditions:
s3:authType
s3:ResourceAccount
s3:signatureAge
s3:signatureversion
s3:TlsVersion
s3:x-amz-content-sha256
Conditions
-
s3:BucketTag/${TagKey}
-
Description:
Filters access by the tags associated with the bucket
-
Type:
String
Updates
Resources
-
accesspointobject
Conditions
-
+ s3:BucketTag/${TagKey}
-
bucket
Conditions
-
+ aws:ResourceTag/${TagKey}
-
+ s3:BucketTag/${TagKey}
-
object
Conditions
-
+ aws:ResourceTag/${TagKey}
-
+ s3:BucketTag/${TagKey}