I am trying to create a list of all the AWS S3 buckets and users that have access to them. An output with:
Bucket Name | UserName |
---|---|
Bucket1 | User1 |
Bucket1 | User2 |
Bucket2 | User2 |
Any suggestions?
I have used aws iam list-users and aws s3api list-buckets, but this doesn’t provide info between users and buckets.
2 Answers
Go to the AWS Management Console and log in to your account.
Navigate to the S3 service.
Click on the bucket for which you want to see the access.
Click on the "Permissions" tab.
In the "Access for other AWS accounts" section, you can see the list of users and their access levels for that bucket.
If you want to see the access for all buckets, you can use the AWS CLI (Command Line Interface) tool. First, install the AWS CLI tool if you haven’t already.
Open the terminal or command prompt and type the following command to get a list of all S3 buckets in your account:
aws s3api list-buckets
Then, to get the access for each bucket, you can run the following command for each bucket name:
aws s3api get-bucket-acl --bucket bucket-name
This command will return the Access Control List (ACL) for the specified bucket, which includes the list of users and their access levels.
You can use the aws s3api get-bucket-acl command to get the Access Control List (ACL) for a specific S3 bucket. The ACL will include a list of all the users and groups that have been granted access to the bucket, along with their permissions. Here’s an example command to get the ACL for a bucket named my-bucket:
aws s3api get-bucket-acl --bucket my-bucket
This will return a JSON object that includes information about the bucket’s ACL, including the Grantee (user or group), their Permission level, and any GrantFullControl or GrantRead permissions that have been granted.
You can also use the aws s3api list-objects command to get a list of all the objects (files) in a bucket, along with their owners. This command will return a JSON object that includes information about each object, including the Owner (the user who owns the object) and the Key (the object’s filename). Here’s an example command to get a list of all the objects in a bucket named my-bucket:
aws s3api list-objects --bucket my-bucket
This will return a JSON object that includes information about each object, including the Owner (the user who owns the object) and the Key (the object’s filename).
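As an added example (not part of either answer above), the list-buckets then get-bucket-acl loop the answers describe can be scripted to produce a bucket/grantee table like the one in the question, with grants to the predefined public groups flagged. The function names and the sample ACL documents are constructed for illustration; ACL grantees are AWS accounts (canonical users) or predefined groups, so access given to IAM users through IAM or bucket policies does not appear in this output.

```python
import json
import subprocess

ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
AUTH_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
# Predefined ACL groups whose grants reach beyond the bucket owner's account.
PUBLIC_GROUPS = {ALL_USERS: "AllUsers (public)", AUTH_USERS: "AuthenticatedUsers"}

def acl_rows(bucket, acl):
    """Flatten one get-bucket-acl response into (bucket, grantee, permission) rows."""
    rows = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if grantee.get("Type") == "Group":
            uri = grantee.get("URI", "")
            name = PUBLIC_GROUPS.get(uri, uri)
        else:  # CanonicalUser: identifies an AWS account, not an IAM user
            name = grantee.get("DisplayName") or grantee.get("ID", "unknown")
        rows.append((bucket, name, grant.get("Permission", "")))
    return rows

def public_buckets(rows):
    return sorted({b for b, name, _ in rows if name in PUBLIC_GROUPS.values()})

def aws_json(*args):  # needs the AWS CLI and configured credentials
    cmd = ["aws", *args, "--output", "json"]
    return json.loads(subprocess.run(cmd, check=True, capture_output=True, text=True).stdout)

def collect_live():  # list-buckets, then get-bucket-acl for every bucket
    rows = []
    for b in aws_json("s3api", "list-buckets")["Buckets"]:
        rows += acl_rows(b["Name"], aws_json("s3api", "get-bucket-acl", "--bucket", b["Name"]))
    return rows

# Constructed sample responses (placeholder IDs, not real account data).
SAMPLE = {
    "Bucket1": {"Grants": [
        {"Grantee": {"Type": "CanonicalUser", "DisplayName": "owner-account",
                     "ID": "EXAMPLE-ID-1"}, "Permission": "FULL_CONTROL"}]},
    "Bucket2": {"Grants": [
        {"Grantee": {"Type": "CanonicalUser", "ID": "EXAMPLE-ID-2"}, "Permission": "FULL_CONTROL"},
        {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "READ"}]},
}

def sample_rows():
    return [row for bucket, acl in SAMPLE.items() for row in acl_rows(bucket, acl)]

if __name__ == "__main__":
    print("\n".join(" | ".join(r) for r in sample_rows()))
```

Run as-is it prints the rows for the constructed sample; calling collect_live() instead queries the account the AWS CLI is configured for.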