I have created below S3 policy for a user-name - john under account : 416XXXXXX, so that he is only allowed to use consolek S3 folder.
But this is giving following error : This policy contains the following error: Has prohibited field Principal For more information about the IAM policy grammar, see AWS IAM Policies.
What exactly I am missing here ?
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1487252735934",
"Action": "s3:*",
"Effect": "Allow",
"Resource": "arn:aws:s3:::john",
"Principal": {
"AWS": [
"arn:aws:iam::416XXXXXX:user/karthik"
]
}
}
]
}