From 86ca990b4713680c04bf50bc5fc1dad68a6931f7 Mon Sep 17 00:00:00 2001
From: Colin Johnson <colin@cloudavail.com>
Date: Thu, 19 Sep 2024 11:38:19 -0700
Subject: [PATCH] resolve issue-2809 with correct IAM Policy

---
 site/en/adminGuide/clouds/aws/s3.md | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/site/en/adminGuide/clouds/aws/s3.md b/site/en/adminGuide/clouds/aws/s3.md
index 99531723b..ccb9c35fb 100644
--- a/site/en/adminGuide/clouds/aws/s3.md
+++ b/site/en/adminGuide/clouds/aws/s3.md
@@ -44,13 +44,20 @@ For more details, refer to [IAM OIDC](https://docs.aws.amazon.com/eks/latest/use
         {
           "Effect": "Allow",
           "Action": [
+            "s3:ListBucket"
+          ],
+          "Resource": [
+            "arn:aws:s3:::<bucket-name>"
+          ]
+        },
+        {
+          "Effect": "Allow",
+          "Action": [
+            "s3:DeleteObject",
             "s3:GetObject",
-            "s3:PutObject",
-            "s3:ListBucket",
-            "s3:DeleteObject"
+            "s3:PutObject"
           ],
           "Resource": [
-            "arn:aws:s3:::<bucket-name>",
             "arn:aws:s3:::<bucket-name>/*"
           ]
         }