S3 バケットを作成するのにわりと最小権限気味の IAM ポリシー例
{ "Version": "2012-10-17", "Statement": [ { "Sid": "IAM Policy for Create S3 bucket", "Effect": "Allow", "Action": [ "s3:Createbucket", "s3:*Object*", "s3:ListAllMyBuckets", "s3:PutBucketPublicAccessBlock", "s3:PutEncryptionConfiguration", "s3:PutBucketVersioning" ], "Resource": "*" } ] }