AWS S3 configuration user can only access specific directories

Use IAM Policies to configure users to only access specific directories in the Bucket.

{
 "Version":"2012-10-17",
 "Statement": [
   {
     "Sid": "AllowUserToSeeBucketListInTheConsole",
     "Action": ["s3:ListAllMyBuckets", "s3:GetBucketLocation"],
     "Effect": "Allow",
     "Resource": ["arn:aws:s3:::*"]
   },
  {
     "Sid": "AllowRootAndHomeListingOfCompanyBucket",
     "Action": ["s3:ListBucket"],
     "Effect": "Allow",
     "Resource": ["arn:aws:s3:::my-company"],
     "Condition":{"StringEquals":{"s3:prefix":["","home/", "home/David"],"s3:delimiter":["/"]}}
    },
   {
     "Sid": "AllowListingOfUserFolder",
     "Action": ["s3:ListBucket"],
     "Effect": "Allow",
     "Resource": ["arn:aws:s3:::my-company"],
     "Condition":{"StringLike":{"s3:prefix":["home/David/*"]}}
   },
   {
     "Sid": "AllowAllS3ActionsInUserFolder",
     "Effect": "Allow",
     "Action": ["s3:*"],
     "Resource": ["arn:aws:s3:::my-company/home/David/*"]
   }
 ]
}

Amazon Simple Storage Service is an internet storage solution. The service is designed to make it easier for developers to perform web-scale computing.

Amazon S3 provides a simple web services interface that can be used to store and retrieve any amount of data at any time, anywhere on the web. This service gives all developers access to the same highly scalable, reliable, secure, fast and affordable data storage infrastructure that Amazon uses to run its global network of websites. This service is designed to maximize economies of scale for developers.

This guide explains core Amazon S3 concepts, such as buckets and objects, and how to use these resources using the Amazon S3 application programming interface (API).

The cost of S3 is divided into 2 parts, the first part is the storage fee, and the second part is the request fee.

Charging standards vary depending on the region, such as storage fees in Hong Kong:

Request fee in Hong Kong: