S3のAPIは、素のAPIと、AWS CLIのs3apiで使う時の名前と、IAM Policyで制御する時の名前がバラバラだったりするので、大変分かりづらい。ということで、表を作った。これでもまだ不完全または不正確な気がするので、気がついたらコメントいただけると嬉しい。
target | S3 API | AWS CLI | IAM Policy |
---|---|---|---|
service | GET Service | list-buckets | s3:ListAllMyBuckets |
bucket | DELETE Bucket | delete-bucket | s3:DeleteBucket |
bucket | DELETE Bucket analytics | delete-bucket-analytics-configuration | s3:PutAnalyticsConfiguration |
bucket | DELETE Bucket cors | delete-bucket-cors | |
bucket | DELETE Bucket inventory | delete-bucket-inventory-configuration | s3:PutInventoryConfiguration |
bucket | DELETE Bucket lifecycle | delete-bucket-lifecycle | |
bucket | DELETE Bucket metrics | delete-bucket-metrics-configuration | s3:PutMetricsConfiguration |
bucket | DELETE Bucket policy | delete-bucket-policy | s3:DeleteBucketPolicy |
bucket | DELETE Bucket replication | delete-bucket-replication | s3:DeleteReplicationConfiguration |
bucket | DELETE Bucket tagging | delete-bucket-tagging | s3:PutBucketTagging |
bucket | DELETE Bucket website | delete-bucket-website | s3:DeleteBucketWebsite |
bucket | GET Bucket (List Objects) | list-objects | s3:ListBucket |
bucket | GET Bucket (List Objects V2) | list-objects-v2 | s3:ListBucket |
bucket | GET Bucket accelerate | get-bucket-accelerate-configuration | s3:GetAccelerateConfiguration |
bucket | GET Bucket acl | get-bucket-acl | s3:GetBucketAcl |
bucket | GET Bucket analytics | get-bucket-analytics-configuration | s3:GetAnalyticsConfiguration |
bucket | GET Bucket cors | get-bucket-cors | s3:GetBucketCORS |
bucket | GET Bucket inventory | get-bucket-inventory-configuration | s3:GetInventoryConfiguration |
bucket | GET Bucket lifecycle (deprecated) | get-bucket-lifecycle (deprecated) | |
bucket | GET Bucket lifecycle | get-bucket-lifecycle-configuration | s3:GetLifecycleConfiguration |
bucket | GET Bucket location | get-bucket-location | s3:GetBucketLocation |
bucket | GET Bucket logging | get-bucket-logging | s3:GetBucketLogging |
bucket | GET Bucket metrics | get-bucket-metrics-configuration | s3:GetMetricsConfiguration |
bucket | get-bucket-notification (deprecated) | ||
bucket | GET Bucket notification | get-bucket-notification-configuration | s3:GetBucketNotification |
bucket | GET Bucket Object versions | ||
bucket | GET Bucket policy | get-bucket-policy | s3:GetBucketPolicy |
bucket | GET Bucket replication | get-bucket-replication | s3:GetReplicationConfiguration |
bucket | GET Bucket requestPayment | get-bucket-request-payment | s3:GetBucketRequestPayment |
bucket | GET Bucket tagging | get-bucket-tagging | s3:GetBucketTagging |
bucket | GET Bucket versioning | get-bucket-versioning | s3:GetBucketVersioning |
bucket | GET Bucket website | get-bucket-website | s3:GetBucketWebsite |
bucket | HEAD Bucket | head-bucket | s3:ListBucket |
bucket | List Bucket Analytics Configurations | list-bucket-analytics-configuration | s3:GetAnalyticsConfiguration |
bucket | List Bucket Inventory Configurations | list-bucket-inventory-configurations | s3:GetInventoryConfiguration |
bucket | List Bucket Metrics Configurations | list-bucket-metrics-configurations | s3:GetMetricsConfiguration |
bucket | List Mutlipart Uploads | list-multipart-uploads | s3:ListBucktMultipartUploads |
bucket | PUT Bucket | create-bucket | s3:CreateBucket |
bucket | PUT Bucket accelrate | put-bucket-accelerate-configuration | s3:PutAccelerateConfiguration |
bucket | PUT Bucket acl | put-bucket-acl | s3:PutBucketAcl |
bucket | PUT Bucket analytics | put-bucket-analytics-configuration | s3:PutAnalyticsConfiguration |
bucket | PUT Bucket cors | put-bucket-cors | s3:PutBucketCORS |
bucket | PUT Bucket inventory | put-bucket-inventory-configuration | s3:PutInventoryConfiguration |
bucket | PUT Bucket lifecycle (deprecated) | put-bucket-lifecycle (deprecated) | |
bucket | PUT Bucket lifecycle | put-bucket-lifecycle-configuration | s3:PutLifecycleConfiguration |
bucket | PUT Bucket logging | put-bucket-logging | s3:PutBucketLogging |
bucket | PUT Bucket metrics | put-bucket-metrics-configuration | s3:PutMetricsConfiguration |
bucket | put-bucket-notification | ||
bucket | PUT Bucket notification | put-bucket-notification-configuration | s3:PutBucketNotification |
bucket | PUT Bucket policy | put-bucket-policy | s3:PutBucketPolicy |
bucket | PUT Bucket replication | put-bucket-replication | s3:PutReplecationConfiguration |
bucket | PUT Bucket requestPayment | put-bucket-request-payment | s3:PutBucketRequestPayment |
bucket | PUT Bucket tagging | put-bucket-tagging | s3:PutBucketTagging |
bucket | PUT Bucket versioning | put-bucket-versioning | s3:PutBucketVersioning |
bucket | PUT Bucket website | put-bucket-website | s3:PutBucketWebsite |
object | Delete Multiple Objects | delete-objects | (s3:DeleteObject) |
object | DELETE Object | delete-object | s3:DeleteObject |
object | (DELETE Object) | (delete-object, delete-objects) | s3:DeleteObjectVersion |
object | DELETE Object tagging | delete-object-tagging | (s3:DeleteObject) |
object | GET Object | get-object | s3:GetObject |
object | (GET Object) | (get-object) | s3:GetObjectVersion |
object | GET Object ACL | get-object-acl | s3:GetObjectAcl |
object | GET Object ACL (Versioning) | (get-object-acl) | s3:GetObjectVersionAcl |
object | GET Object tagging | get-object-tagging | s3:GetObjectTagging |
object | (GET Object tagging) | (get-object-tagging) | s3:GetObjectVersionTagging |
object | GET Object torrent | get-object-torrent | s3:GetObjectTorrent |
object | (GET Object torrent) | (get-object-torrent) | s3:GetObjectVersionTorrent |
object | HEAD Object | head-object | s3:GetObject |
object | HEAD Object (Versioning) | head-object | s3:GetObject |
object | OPTIONS object | ||
object | POST Object restore | restore-object | s3:RestoreObject |
object | PUT Object | put-object | s3:PutObject |
object | (PUT Object) | put-object-tagging | s3:PutObjectTagging |
object | (PUT Object) | (put-object-tagging) | s3:PutObjectVersionTagging |
object | PUT Object(Versioning) | put-object | s3:PutObject |
object | PUT Object – Copy | copy-object | s3:PutObject |
object | PUT Object – Copy (Versioning) | copy-object | s3:PutObject |
object | PUT Object acl | put-object-acl | s3:PutObjectAcl |
object | (PUT Object acl) | (put-object-acl) | s3:PutObjectVersionAcl |
object | Abort Multipart Upload | abort-multipart-upload | s3:AbortMultipartUpload |
object | Complete Mulitpart Upload | complete-mulitpart-upload | s3:PutObject |
object | Initiate Mulitpart Upload | create-multipart-upload | s3:PutObject |
object | List Parts | s3:ListMultipartUploadParts | |
object | Upload Part | upload-part | s3:PutObject |
object | Upload Part – Copy | upload-part-copy | s3:PutObject |
bucket | s3:ReplicateDelete | ||
bucket | s3:ReplicateObject |