AWS S3 Bucket Policy to allow only lowercase files

rfg
November 17, 2022
314 views
0 votes
2 Answers

Is it possible to limit s3 bucket to lowercase files/directories only?

Some downstream systems are case insensitive so I want to prevent any issues.

There’s a Lambda workaround, but is it possible to specify this requirement as a bucket policy?

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Enforce lower-case",
            "Effect": "Deny",
            "Principal":"*",
            "Action": "s3:PutObject",
            "Resource": "arn:aws:s3:::mybucket/*",
            "Condition": {
                "StringNotEquals": {
                    "s3:KeyName": "lower(s3:KeyName)"
                }
            }
        }
    ]
}

Answers

- Paolo
- November 17, 2022 at 8:59 pm
- 0 votes
0
No, that is not possible because:
- String manipulation isn’t allowed in IAM policy
- IAM string condition operators do not support regular expressions
Login or Signup to reply.

- JohnRotenstein
- November 17, 2022 at 9:26 pm
- 0 votes
0
An alternative approach would be to have the S3 bucket trigger an AWS Lambda function, which could:
- Examine the object Key
- If the Key is not strictly lowercase, then Copy the object to a new lowercase Key and delete the original object
However, it would mean that Foo would rename to foo and a later FOO would overwrite foo.
Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.