s3:GetAccessGrant is a Read access-level action in the s3 service. Grants permission to read Access Grant
ARNs that s3:GetAccessGrant can be scoped to in an IAM policy.
Keys you can use in the Condition block of a policy that grants s3:GetAccessGrant.
Filters access by the tags that are passed in the request
Filters access by the tags associated with the resource
Filters access by the tag keys that are passed in the request
A minimal policy that allows s3:GetAccessGrant. Replace "Resource": "*" with a specific ARN to follow least privilege.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowS3GetAccessGrant",
"Effect": "Allow",
"Action": "s3:GetAccessGrant",
"Resource": "*"
}
]
}