Each user and group can be associated with one or more policies to define the actions that a user or group member can perform and the conditions under which those actions can take place. You can attach a policy to a user, group, and/or role.
You can create up to 1000 policies per account.
Note: You can attach a policy to a bucket. This is described in Working With a Bucket Policy.
Wasabi provides predefined policies that you can attach to a user, group, and/or role. These policies are:
AmazonS3Full Access—Gives full access to all S3 resources, but no IAM access.
AmazonS3ReadOnlyAccess—Gives just the Get and List permissions on any S3 resource/bucket, but no IAM access.
AdministratorAccess—Gives full access to all resources (IAM and S3) with no limitation whatsoever.
WasabiReadOnlyAccess—Gives just the Get and List permissions to all S3 resources and login permissions to users.
WasabiWriteOnlyAccess—Gives just the Put and MultipartAbort permissions to all S3 resources, but no IAM access. The user cannot sign in with just this policy attached.
WasabiFullAccess—Gives full permissions to all S3 resources and sign in permissions to users.
WasabiAdministratorAccess—Gives full access to all resources (IAM and S3) with no limitation whatsoever. This is similar to AdministratorAccess, above.
IAMUserChangePassword—Gives the user permission to change his/her password upon initial sign in.
WasabiViewBillingAccess—Gives the user permission to view the billing access portal.
WasabiModifyBillingAccess—Gives the user permission to modify the billing access portal.
Click Policies in the Wasabi menu on the left of the screen.
The Policies panel is displayed:
The Policies panel displays a list of policies, each with this information:
Number of users, groups, and/or roles attached to the policy
Amazon Resource Name (ARN) for the policy
Date when the policy was created
Tools at the top of the Policies panel are provided for:
In addition, you can review and edit the details of a policy, as described in Reviewing Details and Editing an Existing Policy.