If an ACL, roles, and a bucket policy are used at the same time and their authorization conflicts, the authorization priorities come as the bucket policy, roles, and the ACL.

If a bucket policy and an IAM policy are applied to an account together, an explicit deny overrides allows, and an allow overrides default denies.

Cross-tenant authorized access cannot be implemented for SSE-KMS-encrypted objects using the bucket ACL or policy.

last updated: 2024-11-14 08:51 UTC - commit: c2bf2e27e452e727da999792ea626796d0094467

Contact
Data privacy
Disclaimer of liabilitys
Imprint