
Set Policies for AWS Services

Use Access Management to configure resource-based services and add access policies to those services.

Set up a Data Access Server Environment

  1. From the home page, click Launch Pad.

  2. Click AWS Cli and follow the prompts.

Set Up Proxy for User

  1. From a terminal prompt, enable the proxy.

    . ~/privacera_aws.sh --enable-proxy

Use S3 with Data Access Server

  1. From a terminal prompt, list the contents of test-bucket. (test-bucket is used as an example bucket name throughout this document. You can substitute a bucket name of your choice.)

    aws s3 ls s3://test-bucket

  2. From a terminal prompt, copy a local file to test-bucket.

    aws s3 cp srcFile.txt s3://test-bucket/dstFile.txt

    The command returns the following result:

        upload failed: ./srcFile.txt to s3://test-bucket/dstFile.txt An error occurred (403) when calling the PutObject operation: Forbidden

    This indicates that the current user doesn’t have permission to perform this operation.

Set S3 Policy in Privacera

Create a policy to allow the user access to test-bucket for 'READ' and 'WRITE' operations.

  1. From the home page, click Access Management > Resource Policies.

  2. On the Resource Policies page, click privacera_s3 > Add New Policy.

  3. Enter the details.

    • Policy Name: s3_test_policy

    • Bucket Name: test-bucket (S3 Bucket Name)

    • Object Path: * (File/Directory/Object Path Inside Bucket)

    • Under Allow Conditions, click '+' and select:

      • User: The username of the user to whom you want to allow access.

      • Add Permission as: read, metadata read, write, metadata write

  4. Click Save.

Copy a File to S3

  1. From a terminal prompt, copy the local file to test-bucket.

    aws s3 cp srcFile.txt s3://test-bucket/dstFile.txt

  2. Verify that the copy was successful.

    aws s3 ls s3://test-bucket/
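To check the policy's effect without reading the error text by eye, the following added example (not part of the original Privacera documentation) classifies each AWS CLI call as allowed, denied, or an unrelated error, based on the 403 message shown earlier. The function names are hypothetical, and matching the (AccessDenied) code in addition to (403) is an assumption that covers errors returned by S3 itself.

```shell
#!/bin/sh
# Added example, not Privacera code. Function names are hypothetical.

# classify_result STATUS OUTPUT
# Prints "allowed", "denied <operation>", or "error" for one AWS CLI call.
classify_result() {
    status=$1
    output=$2
    if [ "$status" -eq 0 ]; then
        echo "allowed"
        return 0
    fi
    case $output in
        # (403) is the form shown on this page; (AccessDenied) is an
        # assumption covering the code S3 itself returns.
        *"An error occurred (403)"*|*"An error occurred (AccessDenied)"*)
            op=$(printf '%s\n' "$output" |
                sed -n 's/.*when calling the \([A-Za-z0-9]*\) operation.*/\1/p' |
                head -n 1)
            echo "denied ${op:-unknown}"
            ;;
        *)
            # Network failure, missing local file, and so on:
            # not evidence about the policy either way.
            echo "error"
            ;;
    esac
}

# probe COMMAND [ARGS...]: run a command, capture stdout and stderr, classify.
probe() {
    out=$("$@" 2>&1) && rc=0 || rc=$?
    classify_result "$rc" "$out"
}

# check_policy BUCKET FILE: probe listing and upload through the proxy.
check_policy() {
    echo "list:  $(probe aws s3 ls "s3://$1/")"
    echo "write: $(probe aws s3 cp "$2" "s3://$1/dstFile.txt")"
}

# Usage (requires the proxy enabled and network access):
#   check_policy test-bucket srcFile.txt
```

Run check_policy before and after saving s3_test_policy: the write line should change from "denied PutObject" to "allowed". An "error" result means the call failed for a reason other than the policy and should be investigated separately.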


Last update: July 23, 2021