howtoceph_rgw_bucket_policy_both.json

{
  "Version": "2012-10-17",
  "Id": "S3Policy1",
  "Statement": [
    {
      "Sid": "Allow bar read only",
      "Effect": "Allow",
      "Principal": {
      "AWS": ["arn:aws:iam:::user/bar"]
    },
    "Action": [
      "s3:ListBucket",
      "s3:GetObject"
    ],
    "Resource": [
      "arn:aws:s3:::foo",
      "arn:aws:s3:::foo/*"
    ]
    },
    {
      "Sid": "Public read",
      "Effect": "Allow",
      "Principal": "*",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::foo/*"
    }
  ]
}