Use this S3 policy in your bucket configuration to allow a single user (identified by its ARN) complete access to a single bucket:
{ "Id": "MyBucketPolicy", "Statement": [ { "Sid": "AllAccess", "Action": "s3:*", "Effect": "Allow", "Resource": [ "arn:aws:s3:::my-bucket-name", "arn:aws:s3:::my-bucket-name/*" ], "Principal": {"AWS":["arn:aws:iam::100000012345:user/MyUser"]} } ] }
Replace both instances of arn:aws:s3:::my-bucket-name
by your bucket ARN and replace arn:aws:iam::100000012345:user/MyUser
by your user’s ARN. You can also add multiple user ARNs to "Principal": {"AWS": ... }
.