CROSS ACCOUNT BUCKET ACCESS


INTEGRATION
AWS

The following S3 policy requirements are needed for Quadrant to push data into your S3 bucket.

  - GetBucketLocation: Required to know the bucket RegionListBucketRequired for the folders we are uploading data to verify that we are not overwriting an existing object.
  - GetObject: Required together with s3:ListBucket to verify that a file does not exist in the target destination.
  - PutObject: Required for Uploading data files

Example Policy

{

"Version": "2012-10-17",

"Statement": [

{

"Sid": "Quadrant’s S3 Access",

"Effect": "Allow",

"Principal": {

"AWS": "arn:aws:iam::625460199338:root"

},

"Action": [

    "s3:GetObject",

                                       "s3:ListBucket",

                                       "s3:PutObject",

                                       "s3:GetBucketLocation"

                                        ],

                                        "Resource": [

                                                       "arn:aws:s3:::<your-s3-bucket>",

                                                       "arn:aws:s3:::<your-s3-bucket>/*"

                                       ]

                       }

          ]

}