AWS IAM Permissions

Viewing 2 replies - 1 through 2 (of 2 total)

  • I don’t know what the minimum privileges are, but if you limit the plugin to a specific user and give it privileges on a specific bucket, you should be fine. I have the following for an IAM user whose sole purpose is to handle W3TC for our sites:

    {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::my-prefix-w3tc-*",
                "arn:aws:s3:::my-prefix-w3tc-*/*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListAllMyBuckets"
            ],
            "Resource": "arn:aws:s3:::*"
        }
    ]
}
    Thread Starter lbrent

    (@lbrent)

    Thanks. I used a policy like this. It fails the “test upload” button for me on the general settings tab, but I think it does indeed work, which it should.

    Do you have any insight for Cloudfront permissions? Frankly, I am not sure how w3tc interacts with Cloudfront. What I would like to do is create my distribution on my own on set origin to my S3 bucket, but I am thinking w3tc needs to set Cloudfront behaviors. So my question is what permissions do I need to give w3tc user re Cloudfront?

    Thanks again!

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘AWS IAM Permissions’ is closed to new replies.