Sample Bucket Policy using Policy Builder

The following screenshots show the options to select in Policy Builder to create the bucket policy used in this example (see the JSON below).

{
  "Id": "sample-bucket-policy",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Statement1713336710809",
      "Principal": {
        "AWS": [
          "arn:primary:default:group:group1"
        ]
      },
      "Action": [
        "s3:CreateBucket",
        "s3:DeleteBucket",
        "s3:DeleteBucketPolicy",
        "s3:DeleteObject",
        "s3:DeleteObjectTagging"
      ],
      "Resource": [
        "arn:aws:s3:::${bucket}/*"
      ],
      "Effect": "Allow"
    },
    {
      "Sid": "Statement1713337230508",
      "Principal": {
        "AWS": [
          "arn:primary:default:group:group1"
        ]
      },
      "Action": [
        "s3:AbortMultipartUpload"
      ],
      "Resource": [
        "arn:aws:s3:::${bucket}/*"
      ],
      "Effect": "Deny"
    }
  ]
}

This bucket policy allows all users in group1 to create a bucket, delete a bucket, delete a bucket policy, delete objects in the bucket, and delete object tagging. The policy denies permission to abort a multipart upload of a file to the bucket. The ${bucket} keyword is a placeholder that the system automatically replaces with the bucket name.
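To review what the policy grants before applying it, the following added example (not part of the product or of the original page) substitutes the ${bucket} placeholder and evaluates single requests against the two statements. The function names expand and decide and the bucket name "logs" are hypothetical, and the evaluation order (an explicit Deny overrides an Allow, and a request that matches no statement is denied) is an assumption modelled on AWS S3 policy semantics.

```python
from fnmatch import fnmatchcase

GROUP = "arn:primary:default:group:group1"   # principal from the sample policy
RES = ["arn:aws:s3:::${bucket}/*"]           # resource pattern from the sample policy
POLICY = {"Statement": [
    {"Effect": "Allow", "Principal": {"AWS": [GROUP]}, "Resource": RES,
     "Action": ["s3:CreateBucket", "s3:DeleteBucket", "s3:DeleteBucketPolicy",
                "s3:DeleteObject", "s3:DeleteObjectTagging"]},
    {"Effect": "Deny", "Principal": {"AWS": [GROUP]}, "Resource": RES,
     "Action": ["s3:AbortMultipartUpload"]},
]}

def as_list(value):
    """Policy fields may hold a single string or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]

def expand(policy, bucket):
    """Return the statements with ${bucket} replaced by the bucket name."""
    expanded = []
    for st in policy["Statement"]:
        st = dict(st)
        st["Resource"] = [r.replace("${bucket}", bucket)
                          for r in as_list(st["Resource"])]
        expanded.append(st)
    return expanded

def decide(policy, bucket, principal, action, resource):
    """Return 'Allow', 'Deny' or 'ImplicitDeny' for one request.
    Assumption: explicit Deny wins; no matching statement means denied."""
    verdict = "ImplicitDeny"
    for st in expand(policy, bucket):
        if principal not in as_list(st["Principal"]["AWS"]):
            continue
        if not any(fnmatchcase(action, a) for a in as_list(st["Action"])):
            continue
        if not any(fnmatchcase(resource, r) for r in st["Resource"]):
            continue
        if st["Effect"] == "Deny":
            return "Deny"          # explicit Deny short-circuits
        verdict = "Allow"
    return verdict

if __name__ == "__main__":
    obj = "arn:aws:s3:::logs/a.txt"   # constructed sample object ARN
    for act in ("s3:DeleteObject", "s3:AbortMultipartUpload", "s3:GetObject"):
        print(act, "->", decide(POLICY, "logs", GROUP, act, obj))
```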