An S3 VPC endpoint policy that restricts access through the S3 endpoint to the specified IAM role in the account

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "s3:*"
            ],
            "Principal": "*",
            "Resource": [
                "*"
            ],
            "Effect": "Allow",
            "Condition": {
                "ArnEquals": {
                    "aws:PrincipalArn": ""
                }
            }
        }
    ]
}

Actions



Customize Template

Custommize Policy

* Required field