I use the policy inserted below. This policy does almost everything that I intend to do. The user can go to the specified folder (/full/test/next/) in the specified bucket (BUCKETNAME). They can upload files, delete files, create new folders, etc.
However, they cannot delete folders created in this directory (i.e. they cannot delete /full/test/next/examplefolder). I searched and made some changes, but I did not find the answers. Any help would be greatly appreciated.
I apologize for the lack of clarity or incorrect terminology. I am new to AWS.
Two additional notes: 1. I can delete these folders from the main administrator account. 2. As a user, I do not have rights in these folders (even if the user created the folders).
Nested Code -
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowUserToSeeBucketListInTheConsole",
      "Action": ["s3:ListAllMyBuckets", "s3:GetBucketLocation"],
      "Effect": "Allow",
      "Resource": ["arn:aws:s3:::*"]
    },
    {
      "Sid": "AllowRootAndHomeListingOfProperFolder",
      "Action": ["s3:ListBucket"],
      "Effect": "Allow",
      "Resource": ["arn:aws:s3:::BUCKETNAME"],
      "Condition": {
        "StringEquals": {
          "s3:prefix": ["", "full/", "full/test/", "full/test/next/", "full/test/next/*"],
          "s3:delimiter": ["/"]
        }
      }
    },
    {
      "Sid": "AllowAllS3ActionsInUserFolder",
      "Effect": "Allow",
      "Action": ["s3:*"],
      "Resource": ["arn:aws:s3:::BUCKETNAME/full/test/next/*"]
    }
  ]
}
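
A simplified model of how the Condition on the s3:ListBucket statement above is evaluated, as an added example that is not part of the original post. It shows that StringEquals compares s3:prefix literally, so the "full/test/next/*" entry does not cover listings of subfolders. The request contexts are constructed, and the StringLike operator is included only for comparison.

```python
import re

# Condition values copied from the posted s3:ListBucket statement.
PREFIXES = ["", "full/", "full/test/", "full/test/next/", "full/test/next/*"]
DELIMITERS = ["/"]

# Constructed request contexts (assumed for illustration, not captured traffic).
REQUESTS = {
    "next": {"s3:prefix": "full/test/next/", "s3:delimiter": "/"},
    "subfolder": {"s3:prefix": "full/test/next/examplefolder/", "s3:delimiter": "/"},
    "subfolder_no_delimiter": {"s3:prefix": "full/test/next/examplefolder/"},
}


def string_equals(allowed, actual):
    # StringEquals: exact, case-sensitive match; "*" is an ordinary character.
    return actual in allowed


def string_like(allowed, actual):
    # StringLike: "*" matches any run of characters, "?" any single character.
    def to_regex(pattern):
        return "".join(".*" if c == "*" else "." if c == "?" else re.escape(c)
                       for c in pattern)
    return any(re.fullmatch(to_regex(p), actual, re.DOTALL) for p in allowed)


def list_allowed(request, prefix_op):
    """True if the ListBucket Condition matches the request context.

    Both keys sit in one condition block, so both must match. A key that is
    missing from the request does not match (the policy uses no IfExists).
    """
    if "s3:prefix" not in request or "s3:delimiter" not in request:
        return False
    return (prefix_op(PREFIXES, request["s3:prefix"])
            and string_equals(DELIMITERS, request["s3:delimiter"]))


def evaluate(prefix_op):
    # Map each constructed request name to the model's allow decision.
    return {name: list_allowed(req, prefix_op) for name, req in REQUESTS.items()}


if __name__ == "__main__":
    print("StringEquals (as posted):", evaluate(string_equals))
    print("StringLike (comparison): ", evaluate(string_like))
```

The third request stays unmatched under either operator because the statement also requires s3:delimiter to be present and equal to "/".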