Skip to main content

Required "actions" for IAM policy for s3 backups

JustinArdoin
Hi all, I'm looking for the specific actions that need to be allowed in an IAM policy for backups. "s3:*" is not exactly least privileges. I am already aware of how to lock the policy to a specific user, bucket, and object, what I am looking for is the specific set of actions I must allow for the cpanel s3 backups to work. I didn't see anything in /scripts and nothing really covering the specific calls in the docs, so I thought I'd ask here before opening a ticket. While I appreciate any insights, I'd prefer to avoid guess work. If you know which file holds the API calls within cPanel I'll gladly look at it myself. Just trying to decrease surface area. Thanks!

Comments

2 comments

Date Votes
  • cPanelMichael
    Hello :) You may find this URL helpful if you are looking for general input on IAM policies:
    0
  • JustinArdoin
    Hello :) You may find this URL helpful if you are looking for general input on IAM policies:
    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post