The Apply S3 Bucket Policy action can be used to apply a bucket policy to one or more S3 buckets.
This action includes a "test mode" as a way of determining which buckets will have the policy applied without actually applying the policy. This way, you can fine tune your action without concern for applying to the wrong buckets.
When test mode is enabled, execute your action normally then check the action logs to verify that only buckets that should have been modified would have been modified, and that buckets that should not have been modified would not have been modified.
When you are satisfied, disable Test Mode.
Please see Common Action Settings for a description of settings common to all action types.
Bucket Identification Method
Method with which to match buckets to have the policy applied. Possible choices include:
- All Buckets
- By Resource Tag
- By Bucket Name
Comparison to use against the name of the bucket. Required only when Bucket Identification Method is set to "By Bucket Name".
Resource Tag Name
Name of a resource tag on the selected buckets. Required only when Bucket Identification Method is set to "By Bucket Name".
Resource Tag Value
Comparison to use against the resource tag. Required only when Bucket Identification Method is set to "By Bucket Name".
Indicates the policy to apply to the buckets. Possible options are:
- Enforce AES256 Encryption
Custom Policy Content
Specifies the custom bucket policy. Required when Policy Type is set to "Custom". This must be a valid bucket policy in JSON format.
Specifies the rule in which the policy is applied to the bucket. Possible choices include:
- Always overwrite
- Apply only if the bucket does not already have a policy
Enables and disabled Test Mode (see above).
Amazon Commands Used
The following Amazon AWS commands are used. The access key should have permission to execute all of them.