In my scenario , I want a policy that will allow reading and writing of abc-database-backups/rds/postgresql-backup
on S3? We'll want the my servers to have that access added.
Is creating a role and attaching it to the servers is best or adding a key to the server?
I tried this :
aws iam create-policy \
--policy-name rds-s3-integration-policy \
--policy-document '{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:ListAllMyBuckets",
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetBucketACL",
"s3:GetBucketLocation"
],
"Resource": "arn:aws:s3:::bucket_name"
},
{
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:PutObject",
"s3:ListMultipartUploadParts",
"s3:AbortMultipartUpload"
],
"Resource": "arn:aws:s3:::bucket_name/key_prefix/*"
}
]
}'
I would be very grateful for any help, as my experience in this field is somewhat limited.