{"slug":"iam-aws-s3","cloud":"aws","service":"s3","title":"AWS S3 (IAM)","description":"Amazon Simple Storage Service (S3) provides scalable object storage for data backup, archival, and analytics.","category":"storage","common_permissions":["s3:ListBucket","s3:GetObject","s3:PutObject","s3:DeleteObject","s3:CreateBucket","s3:DeleteBucket","s3:GetBucketPolicy","s3:PutBucketPolicy"],"least_privilege_example":"{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\",\n        \"s3:PutObject\",\n        \"s3:DeleteObject\",\n        \"s3:CreateBucket\",\n        \"s3:DeleteBucket\",\n        \"s3:GetBucketPolicy\",\n        \"s3:PutBucketPolicy\"\n      ],\n      \"Resource\": \"*\"\n    }\n  ]\n}","warnings":["Avoid s3:* — grants full access including deletion of buckets and objects.","Avoid s3:PutBucketPolicy without conditions — can allow public access to data."],"docs":"https://servicereference.us-east-1.amazonaws.com/v1/s3/s3.json","tags":["iam","aws"],"last_verified":"2026-06-14T00:00:00.000Z","next_check":"2026-12-11T00:00:00.000Z","created_at":"2026-06-14T04:48:32.466Z","updated_at":"2026-06-14T04:48:32.466Z"}