Amazon web services S3是否提供任何bucket策略，以便在有限的时间内将对象共享给IAM用户？

我想在有限的时间窗口内与IAM用户（testuser）共享我的bucket（sourcebucket）。AWS是否提供任何bucket策略，以便我可以在有限的时间范围内与IAM用户共享我的bucket对象

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "DelegateS3Access",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::12345678910:user/testuser"
            },
            "Action": [
                "s3:ListBucket",
                "s3:GetObject"
            ],
            "Resource": [
                "arn:aws:s3:::sourcebucket/*",
                "arn:aws:s3:::sourcebucket"
            ]
        }
    ]
}

AWS是否提供任何bucket策略，以便我可以在有限的时间范围内与IAM用户共享我的bucket对象

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "DelegateS3Access",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::12345678910:user/testuser"
            },
            "Action": [
                "s3:ListBucket",
                "s3:GetObject"
            ],
            "Resource": [
                "arn:aws:s3:::sourcebucket/*",
                "arn:aws:s3:::sourcebucket"
            ]
        }
    ]
}

对

检查

dategreaterther

和

DateLessThan

条件和

aws:CurrentTime

条件键。以下是一个示例，使用问题中的策略作为基础：

{
"Version": "2012-10-17",
"Statement": [
    {
        "Sid": "DelegateS3Access",
        "Effect": "Allow",
        "Principal": {
            "AWS": "arn:aws:iam::12345678910:user/testuser"
        },
        "Action": [
            "s3:ListBucket",
            "s3:GetObject"
        ],
        "Resource": [
            "arn:aws:s3:::sourcebucket/*",
            "arn:aws:s3:::sourcebucket"
        ],
        "Condition": {
            "DateGreaterThan": {"aws:CurrentTime": "2020-04-01T00:00:00Z"},
            "DateLessThan": {"aws:CurrentTime": "2020-06-30T23:59:59Z"}
        }
    }
]
}

以下是一些有用的链接：

-这应该会有帮助！