How can i create an iam policy for a service on a different aws account?

67 Views Asked by Juan Sebastian At 04 April 2025 at 01:45

I currently need to create an iam policy with a service as a principal,

Now, i know that you can have:

"Service": [
    "ec2.amazonaws.com"

On your policy, but that states the ec2 service on your own account, how can i do the same for a different account? given that i cannot create a role for the service im trying to use since it is for a machine learning installation from the web console?

Original Q&A

There are 1 best solutions below

strongjz On 04 August 2017 at 20:30

You'll want to create Bucket policies and apply it to the source bucket so that accounts can access a bucket of another account.

{
  "Version":"2012-10-17",
  "Statement":[
    {
      "Sid":"AddCannedAcl",
      "Effect":"Allow",
      "Principal": {"AWS": ["arn:aws:iam::111122223333:root","arn:aws:iam::444455556666:root"]},
      "Action":["s3:PutObject","s3:PutObjectAcl"],
      "Resource":["arn:aws:s3:::examplebucket/*"] 
    }
  ]
}

http://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html#example-bucket-policies-use-case-1

How can i create an iam policy for a service on a different aws account?

There are 1 best solutions below

Related Questions in AMAZON-WEB-SERVICES

Related Questions in AMAZON-IAM

Related Questions in AMAZON-MACHINE-LEARNING

Trending Questions

Popular # Hahtags

Popular Questions