
Set Policies for AWS Services

Use Access Management to configure resource-based services and add access policies to them.

Set up a Data Access Server Environment

  1. From the home page, click Launch Pad.

  2. Click AWS Cli and follow the prompts.

Set Up Proxy for User

  1. From a terminal prompt, enable the proxy.

    . ~/privacera_aws.sh --enable-proxy
    

Use S3 with Data Access Server

  1. From a terminal prompt, list the contents of test-bucket. The name test-bucket (${test-bucket}) is used as an example throughout this document; substitute your own bucket name.

    aws s3 ls s3://test-bucket
    
  2. From a terminal prompt, copy a local file to test-bucket.

    aws s3 cp srcFile.txt s3://test-bucket/dstFile.txt
    

    The command fails with the following result:

    upload failed: ./srcFile.txt to s3://test-bucket/dstFile.txt An error occurred (403) when calling the PutObject operation: Forbidden

    This indicates that the current user does not have permission to perform this operation.

Set S3 Policy in Privacera

Create a policy to allow the user access to test-bucket for READ and WRITE operations.

  1. From the home page, click Access Management > Resource Policies.

  2. On the Resource Policies page, click privacera_s3 > Add New Policy.

  3. Enter the details.

    • Policy Name: s3_test_policy

    • Bucket Name: test-bucket (S3 Bucket Name)

    • Object Path: * (File/Directory/Object Path Inside Bucket)

    • Under Allow Conditions, click '+' and select:

      • User: The username of the user to whom you want to allow access.

      • Add Permission as: read, metadata read, write, metadata write

  4. Click Save.

Copy a File to S3

  1. From a terminal prompt, copy the local file to test-bucket.

    aws s3 cp srcFile.txt s3://test-bucket/dstFile.txt
    
  2. Verify that the copy was successful.

    aws s3 ls s3://test-bucket/
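
The before-and-after check in this procedure (403 on PutObject before the policy, success after) can be scripted so that policy changes are verified the same way each time. The following is an added example, not part of the original page or of Privacera's tooling; the helper names parse_s3_result and check_s3 are hypothetical, and the sample output strings are constructed from the error shown above.

```shell
#!/bin/sh
# Added example (not from the original page): classify aws CLI S3 results.

# Sample outputs, constructed for illustration. The denial text is the error
# shown on this page; the success line follows the aws s3 cp output format.
SAMPLE_DENIED='upload failed: ./srcFile.txt to s3://test-bucket/dstFile.txt An error occurred (403) when calling the PutObject operation: Forbidden'
SAMPLE_OK='upload: ./srcFile.txt to s3://test-bucket/dstFile.txt'

# parse_s3_result (hypothetical helper): reads aws CLI output on stdin, prints
#   "denied <Operation>"       for a 403 / AccessDenied error
#   "error <code> <Operation>" for any other service error
#   "ok"                       when no error line is present
parse_s3_result() {
    sed -n 's/.*An error occurred (\([^)]*\)) when calling the \([A-Za-z0-9]*\) operation.*/\1 \2/p' | {
        if read -r code op; then
            case "$code" in
                403|AccessDenied) echo "denied $op" ;;
                *) echo "error $code $op" ;;
            esac
        else
            echo "ok"
        fi
    }
}

# check_s3 (hypothetical helper): runs an aws s3 subcommand through the
# enabled proxy and classifies its combined output and exit status.
check_s3() {
    out=$(aws s3 "$@" 2>&1) && rc=0 || rc=$?
    res=$(printf '%s\n' "$out" | parse_s3_result)
    if [ "$res" = "ok" ] && [ "$rc" -ne 0 ]; then
        res="error exit-$rc"   # failed without a recognizable service error
    fi
    echo "$res"
}

# Usage after enabling the proxy:
#   check_s3 cp srcFile.txt s3://test-bucket/dstFile.txt
# Expect "denied PutObject" before s3_test_policy is saved and "ok" afterwards.
```

Running the same check as a user who is not listed under Allow Conditions should still report a denial, which confirms the policy grants access only to the intended user.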