Content Comparison

...

If the bucket is encrypted using AWS-KMS, the role’s policy would look like the following:
- Make sure to replace $BUCKET_NAME$ with your bucket name. This is where we will upload files.
- Replace $AWS_KMS_KEY_ARN$ with your AWS KMS key used to encrypt the bucket.

Code Block

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "s3:PutObject",
                "s3:PutObjectAcl"
            ],
            "Resource": [
                "arn:aws:s3:::$BUCKET_NAME$/*"
            ],
            "Effect": "Allow"
        },
        {
            "Action": [
                "kms:Encrypt",
                "kms:GenerateDataKey",
                "kms:DescribeKey",
                "kms:ReEncrypt*"
            ],
            "Resource": [
                "$AWS_KMS_KEY_ARN$"
            ],
            "Effect": "Allow"
        }
    ]
}

Make sure to replace $BUCKET_NAME$ with your bucket name. This is where we will upload files.
Replace $AWS_KMS_KEY_ARN$ with your AWS KMS key used to encrypt the bucket.

Lead Liaison Account Configuration

...

Version	Old Version 5	New Version Current
Changes made by	Ryan Schefke	Ryan Schefke
Saved on	Apr 06, 2020	Apr 06, 2020

Content Comparison

Versions Compared

Key

Lead Liaison Account Configuration