Allow download of s3 files from iam users

AWS' version of a command-line interface is one of several methods a developer can use to create and manage AWS tools. In this step you will learn, how to create S3 Bucket, how to upload file from local to S3 bucket, how to download a file from S3 bucket and how to delete a file from S3 bucket.

Amazon S3 has a simple web services interface that you can use to store and retrieve any amount of data, at any time, from anywhere on the web. It gives any developer access to the same highly scalable, reliable, fast, inexpensive data storage infrastructure that Amazon uses to run its own global network of web sites.

To download a file from s3 bucket, provide following command along with bucket name and file name and path where you want to download file. To delete a file from S3 bucket, provide the following command along with bucket name and file name. View All. Raj Kumar Updated date Jan 23, Login to AWS console and enter email and password.

Download and run the Windows installer bit , bit. I already configured a Cognito user pool and identity pool, with roles for both authenticated and unauthenticated users like, for example, the authenticated user role:. So I tried to follow this or this , but I don't understand how to configure the S3 and Cognito roles and policies to achieve my need. In order to allow only your AWS Cognito pool users access your bucket you can create a policy like below. You just need to replace your own bucket-name and application-name :.

No code needed. Integrates directly with cognito. I always feel like this is the best practice way of giving users access to restricted content. I think there are ways to give actual IAM roles through Congnito, but this always makes me feel uncomfortable. The usecase of Cognito for me, is keeping your 'users' all in one place. I like giving API Gateway the responsibility of integrating with Cognito and controlling access to restricted areas - feels like the most obvious way to do it to me.

The solution is too involved to provide a full solution here. Stack Overflow for Teams — Collaborate and share knowledge with a private group. Create a free Team What is Teams? Collectives on Stack Overflow. Learn more. Ask Question. Asked 1 year, 11 months ago. Active 1 year, 11 months ago. Viewed 1k times. Here is the content of my S3 bucket: myS3Bucket: - folderAll - folderUserGroup In that bucket, folderAll contains files that can be downloaded by each user of my app, and folderUserGroup contains files that can only be downloaded by authenticated users that are in a specific Cognito user group.

How can I configure my roles and policies to restrict files download only to my Cognito users? Thanks for your help. ArunmainthanKamalanathan I already setup a complete environment with a fully working Cognito user pool and identity pool, and a S3 bucket.

The only thing I don't understand is how to setup the IAM roles and policies to achieve my need. ArunmainthanKamalanathan I just updated my question, but I still have a error. You haven't posted your code. You have only posted the policies. Where is the code that's trying to access the files — Arun K. Add a comment. Active Oldest Votes. GWed Xanthos Symeou Xanthos Symeou 4 4 silver badges 10 10 bronze badges. What is the application-name?