I am creating a C# application to view folders and files stored in AWS S3 for clients who sign in to the site.
Currently I can create an IAM user and assign permission to a specific folder. I ran into issues when trying to view the folder and its contents. I can view the folder if I use the AWS access key and secret key, but I was wondering if there is a user-level credential I can use to retrieve the folders a user has been given permission to?
This is what I have got so far.
    Policy pl = GeneratePolicy(bucketName, folderName);
    Credentials creds = GetFederatedCredentials(pl, username);

    var sessionCredentials = new SessionAWSCredentials(creds.AccessKeyId, creds.SecretAccessKey, creds.SessionToken);

    using (var client = new AmazonS3Client(sessionCredentials, Amazon.RegionEndpoint.USEast1))
    {
        var response = client.ListObjects(request);
        foreach (var subFolder in response.CommonPrefixes)
        {
            /* list sub-folders */
            Console.WriteLine(subFolder);
        }
        foreach (var file in response.S3Objects)
        {
            /* list files */
        }
    }
But I am getting an error on client.ListObjects(request): an Access Denied error.
Here is the GeneratePolicy code:
    public static Policy GeneratePolicy(string bucket, string username)
    {
        var statement = new Statement(Statement.StatementEffect.Allow);

        // Allow access to the sub folder represented by the username in the bucket.
        statement.Resources.Add(ResourceFactory.NewS3ObjectResource(bucket, username + "/*"));

        // Allow Get and Put object requests.
        statement.Actions = new List<ActionIdentifier>() { S3ActionIdentifiers.GetObject, S3ActionIdentifiers.PutObject };

        // Lock the requests coming from the client machine.
        //statement.Conditions.Add(ConditionFactory.NewIpAddressCondition(ipAddress));

        var policy = new Policy();
        policy.Statements.Add(statement);
        return policy;
    }
Here is the GetFederatedCredentials code:
    public static Credentials GetFederatedCredentials(Policy policy, string username)
    {
        var request = new GetFederationTokenRequest()
        {
            Name = username,
            Policy = policy.ToJson()
        };

        var stsClient = new AmazonSecurityTokenServiceClient(aws_access_key, aws_secret_key, Amazon.RegionEndpoint.USEast1);
        var response = stsClient.GetFederationToken(request);
        return response.GetFederationTokenResult.Credentials;
    }
Any help is appreciated. Thanks in advance.

You should add "ListBucket" to statement.Actions.
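
An added example, not part of the original question or answer: one way to grant the listing permission while keeping the session policy confined to the user's folder. The class `FolderScopedPolicy` and its method names are hypothetical; the action is given as the literal string "s3:ListBucket", and the rest uses the same Amazon.Auth.AccessPolicies types as the question.

```csharp
using System.Collections.Generic;
using Amazon.Auth.AccessPolicies;
using Amazon.S3.Model;

// Hypothetical helper (not from the post): session policy for one user's folder.
public static class FolderScopedPolicy
{
    public static Policy Generate(string bucket, string username)
    {
        string prefix = username + "/";

        // s3:ListBucket is authorized against the bucket ARN, not object ARNs,
        // so it needs its own statement. The s3:prefix condition keeps the
        // listing confined to the user's folder.
        var list = new Statement(Statement.StatementEffect.Allow);
        list.Actions = new List<ActionIdentifier> { new ActionIdentifier("s3:ListBucket") };
        list.Resources.Add(ResourceFactory.NewS3BucketResource(bucket));
        list.Conditions.Add(ConditionFactory.NewCondition(
            ConditionFactory.StringComparisonType.StringLike, "s3:prefix", prefix + "*"));

        // Object-level actions stay on the object ARN pattern, as in the post.
        var objects = new Statement(Statement.StatementEffect.Allow);
        objects.Actions = new List<ActionIdentifier>
        {
            S3ActionIdentifiers.GetObject,
            S3ActionIdentifiers.PutObject
        };
        objects.Resources.Add(ResourceFactory.NewS3ObjectResource(bucket, prefix + "*"));

        var policy = new Policy();
        policy.Statements.Add(list);
        policy.Statements.Add(objects);
        return policy;
    }

    // The request must send a Prefix the condition allows; listing the
    // bucket root (no Prefix) is still denied under this policy.
    public static ListObjectsRequest BuildRequest(string bucket, string username)
    {
        return new ListObjectsRequest
        {
            BucketName = bucket,
            Prefix = username + "/",
            Delimiter = "/"   // sub-folders come back in CommonPrefixes
        };
    }
}
```

Federated credentials carry only the intersection of this session policy and the permissions of the IAM user whose keys call GetFederationToken, so that IAM user must itself be allowed s3:ListBucket on the bucket.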