Set AWS IAM Permissions for s3cmd backup to a single bucket
Our Linux machines use a S3 bucket to backup some files every night.
The machines only need write access (PutObject) to a single bucket on S3.
AWS Identity and Access Management (IAM) allows to define this permission on a single bucket. However to configure s3cmd correctly and run a successful test there is a little trick, otherwise the final configuration test of s3cmd shows this error:
ERROR: Test failed: 403 (AccessDenied): Access Denied
s3cmd needs the ListAllMyBuckets permission.
Here is the policy document that worked.
Important: Make sure you replace the
mybackupbucket with your own bucket name.
If you've read this far you might as well follow me on Twitter here.