Below you can find a step-by-step guide on how to set access to a specific Amazon S3 bucket for a single user (a bucket user-lionin the example):
  • Go to My Security Credentials. 
  • Select Get Started with IAM Users. 
  • Select the Create Policy option in the Policy section, then select Create Your Own Policy. 
  • The next step is to add a Policy Document, which will look like this:
    {
    "Version": "2012-10-17",
    "Statement": [
    {
    "Effect": "Allow",
    "Action": [
    "s3:ListBucket",
    "s3:GetBucketLocation"
    ],
    "Resource": [
    "arn:aws:s3:::${aws:username}"
    ]
    },
    {
    "Effect": "Allow",
    "Action": [
    "s3:PutObject",
    "s3:GetObject",
    "s3:DeleteObject",
    "s3:PutObjectAcl"
    ],
    "Resource": [
    "arn:aws:s3:::${aws:username}/*"
    ]
    }
    ]
    }

    *This Policy does not require editing.

    I.e. you permit to use the methods "s3:ListBucket" and "s3:GetBucketLocation" with the bucket arn:aws:s3:::${aws:username}, and "s3:PutObject", "s3:GetObject", "s3:DeleteObject", "s3:PutObjectAcl" for the all objects in that bucket. 
  • At this step, you will need to go back to My Security Credentials, select the Users section and create a user who will have access to the mentioned bucket. 
  • Then, attach the previously created policy to a user. 
  • When the previous step is done, go to the Users section → select the newly created user → open the Security credentials tab → select Create access key. 
  • Finally, using the login information from the previous steps, a specific bucket can be accessed by a single user.