- Organization access policies apply to all principals and resources in your organization. You configure them in the Cloud Console or through the AI Object Storage API (for example, with
curl). CoreWeave evaluates these policies first. - Bucket access policies apply only to one bucket and its objects. Use them to allow users from other organizations to access your bucket. CoreWeave evaluates these policies after organization access policies.
Set a bucket access policy
To set a bucket access policy, use the S3-compatible API with standard S3 tools likeaws s3api or s3cmd, or use the CoreWeave Terraform provider. The policy is a JSON object that defines the access rules for the bucket and its objects.
For example, the following command applies a JSON policy file to a bucket. Replace [BUCKET-NAME] with the name of your bucket and [POLICY-FILE] with the path to the JSON file that contains the policy.
Key considerations
Keep the following aspects of bucket access policies in mind:| Policy aspect | Details |
|---|---|
| Policy scope | Bucket access policies can only grant S3-compatible API permissions. Actions under the cwobject: API (for example, managing access keys or audit logging) must be allowed through an organization access policy that uses "Resource": ["*"]. |
| Lifecycle configuration | Bucket access policies uniquely govern bucket lifecycle configuration, including: - Expiration actions (delete by date, age, or expired-marker) - Noncurrent version expiration - Abort incomplete multipart uploads |
| Access policies versus lifecycle policies | Bucket access policies are not the same as lifecycle policies. Lifecycle policies manage object lifecycles, while bucket access policies control access to the bucket and its objects. - Set access policies with s3:PutBucketPolicy.- Set lifecycle policies with s3:PutBucketLifecycleConfiguration. |
| Global operations | Certain actions are global and only evaluate organization policies: - s3:ListAllMyBuckets must specify "Resources": ["*"].- s3:PutBucketPolicy is global and only checks organization access policies to avoid lock-out. |
| Principal specification | You can’t use CoreWeave IAM groups in bucket access policies. Instead, specify principals by UID (from Cloud Console) or through SAML users and groups. |
| Explicit S3-compatible API access | The Object Storage Admin IAM role (or membership in the legacy admin group) does not grant S3-compatible API access. You must explicitly allow it through organization or bucket access policies. |
Avoid lockout
Bucket policy management can create lockout scenarios. To prevent accidental lockout, grants3:PutBucketPolicy permissions carefully. Since s3:PutBucketPolicy is evaluated only against organization policies (not bucket policies), any user with org-level permissions can overwrite a bucket policy.
Restrict org-level s3:PutBucketPolicy access to administrators, and use bucket policies to grant read and delete permissions (s3:GetBucketPolicy, s3:DeleteBucketPolicy) to bucket owners and operators.
Structure of bucket access policies
Bucket access policies use JSON objects with two top-level fields:Version, Statement. The Statement field is an array of objects, each defining the access rules for a specific bucket or object. Each statement can include the following:
| Field | Description |
|---|---|
Sid | Optional identifier for the policy statement. |
Effect | Indicates whether the policy allows or denies access. |
Principal | The user, role, or group to which the policy applies. |
Action | The specific actions that the policy allows or denies. |
Resource | The resources to which the policy applies, specified in ARN format. |
Condition | Optional element that specifies additional constraints for when the policy applies. |
Version
Version is required. It defines the version of the policy language. Use 2012-10-17 for all policies. Some old policies use 2008-10-17. Any other value is invalid.
Statement
Statement is required. It’s the main policy element that defines the access rules for buckets and objects. It can contain a single policy or an array. Enclose each policy in curly braces, and enclose arrays of policies in square brackets.
Sid
Sid (Statement ID) is optional. It’s a short, human-readable identifier for the policy statement, which is useful for tracking and managing policies. Each Statement in an array of statements can have an assigned Sid. Each Sid must be unique within the JSON policy, and may only consist of ASCII uppercase letters, lowercase letters, or numbers.
Effect
Effect is required. It specifies whether the statement allows or denies the action. The valid options are Allow or Deny, and these are case-sensitive. By default, CoreWeave denies access to resources. To allow access to a resource, set the Effect element to Allow. To override an allow that is otherwise in force, set the Effect element to Deny.
Principal / NotPrincipal
This field defines who gets access to the resources specified in the policy. EitherPrincipal or NotPrincipal is required. You can’t use them together.
- Use
Principalto specify the user, role, or group allowed for this policy. - Use
NotPrincipalto deny access to all except the principal specified.NotPrincipalis only supported with"Effect": "Deny". You can’t use it with"Effect": "Allow".
NotPrincipal can be difficult. We recommend using options such as Condition instead.
The key in the Principal object specifies the identity type:
- Use
CWfor users from the CoreWeave Cloud Console. - Use
AWSfor identities from a federated SAML provider.
Principal:
- For Console users:
arn:aws:iam::[ORG-ID]:coreweave/[USER-ID] - For SAML users:
arn:aws:iam::[ORG-ID]:saml/[USER-ID]
- Use
arn:aws:iam::[ORG-ID]:role/[JWT-ISSUER-URL]:[JWT-SUBJECT-USER-ID], where[JWT-ISSUER-URL]is the issuer of the JWT token and[JWT-SUBJECT-USER-ID]is the subject of the JWT token.
user/ in the ARN path. It isn’t a valid prefix for CoreWeave or SAML identities.
To specify multiple principals in a single policy statement, include multiple entries in the Principal object:
Action / NotAction
EitherAction or NotAction is required. You can’t use them together.
- Use
Actionto describe the specific actions that are allowed or denied. - Use
NotActionto match everything except the specified actions.
s3:* are allowed to match multiple actions. Be careful when you combine NotAction and "Effect": "Allow" in the same policy because it could grant users more permissions than intended. See the list of API calls and required actions to determine what actions must be allowed for each API call.
Resource / NotResource
EitherResource or NotResource is required. You can’t use them together.
- Use
Resourceto apply the policy to the listed resources. - Use
NotResourceto apply the policy to all resources except the ones listed.
* and ? are allowed within each colon-separated ARN segment. Wildcards don’t extend past colon boundaries.
Don’t use NotResource in tandem with "Effect": "Allow" and "Action": "*" because this allows all actions on all resources except those listed.
Condition
Condition is optional. A Condition consists of an operator, and a key with a value. CoreWeave evaluates the condition to grant or deny access based on the request context.
Condition operators
The supported condition operators are:| Field | Description |
|---|---|
IpAddress | The specified IP address or range, such as 203.0.113.0/24 |
NotIpAddress | All IP addresses except the specified address |
StringEquals | Exact, case-sensitive match |
StringNotEquals | Match all except specified string, case-sensitive |
StringLike | Case-sensitive match allowing wildcards |
StringNotLike | Negated case-sensitive match allowing wildcards |
StringEqualsIgnoreCase | Exact match, ignores case |
StringNotEqualsIgnoreCase | Negated exact match, ignores case |
Null | Check for absent condition key |
Condition keys
The supported condition keys are:| Field | Description |
|---|---|
cw:PrincipalArn | The principal, formatted as arn:partition:service:region:[ACCOUNT-ID]:[RESOURCE-TYPE/][RESOURCE-ID]. |
cw:ResourceArn | The resource ARN of the request. |
cw:ResourceOrgID | The organization ID from the owner of a resource. |
cw:PrincipalOrgID | The organization ID from the principal. |
cw:SourceIP | The source IP address of the request. |
cw:Bucket | The bucket name of the request. |
s3:prefix | The prefix of the request, used to list objects. |
iam:[ORG-ID]:groups | The CoreWeave IAM group memberships of the principal, sourced from SCIM. This key can contain multiple values, which you match using set operators. Populated when the principal authenticates with a CoreWeave API access token. Replace [ORG-ID] with your organization ID. |
oidc:[ORG-ID]:groups | The group memberships carried in the groups claim of an OIDC token. This key can contain multiple values, which you match using set operators. Populated when the principal authenticates through OIDC Workload Identity Federation. Replace [ORG-ID] with your organization ID. |
Multi-valued condition keys and set operators
Some condition keys, such asiam:[ORG-ID]:groups and oidc:[ORG-ID]:groups, carry more than one value. To compare a value in your policy against a multi-valued key, prefix a string operator with a set qualifier:
| Set qualifier | Description |
|---|---|
ForAnyValue: | The condition matches if at least one value in the key matches a value in your policy. |
ForAllValues: | The condition matches only if every value in the key matches a value in your policy. |
ForAnyValue:StringEqualsIgnoreCase matches when any one of the principal’s groups equals one of the listed values, ignoring case. Use these qualifiers whenever you write conditions against group memberships or other multi-valued attributes.
Example use cases
The following examples show bucket access policies for common scenarios. Use them as templates and adapt the principals, resources, and conditions to your own buckets.Full access to a specific bucket for one user
This policy grants full access to a specific bucket for one user. It has two statements:- The first statement allows the specified user to perform all S3 actions on the bucket and its contents.
- The second statement denies all other users access to the bucket and its contents.
[ORG-ID]with your organization’s ID.[USER-ID]with the ID of the user you want to grant full access to.[BUCKET-NAME]with the name of the bucket you want to grant full access to.
Full access to a specific bucket for one user
Read-only for a specific bucket for all users in your organization
This policy grants read-only access to a specific bucket for all users in your organization. It has two statements:- The first statement allows all users in the organization to list the bucket and get its location.
- The second statement allows all users in the organization to get objects from the bucket.
[BUCKET-NAME] with the name of the bucket and [ORG-ID] with your organization’s ID.
Always include a
Condition with cw:PrincipalOrgID when using "Principal": "*". Without it, the bucket is accessible to anyone on the internet, not just users in your organization.Read-only for a specific bucket for all users in your organization
Read-only for a specific bucket for a specific user
This policy grants read-only access to a specific bucket for a specific user. It has two statements:- The first statement allows the specified user to list the bucket and get its location.
- The second statement allows the specified user to get objects from the bucket.
[ORG-ID]with your organization’s ID.[USER-ID]with the ID of the user you want to grant read-only access to.[BUCKET-NAME]with the name of the bucket you want to grant read-only access to.
Read-only for a specific bucket for a specific user
All buckets read-only for all users in your organization
This policy grants read-only access to all buckets for all users in your organization. It has three statements:- The first statement allows all users in the organization to list all buckets.
- The second statement allows all users in the organization to list and describe all buckets.
- The third statement allows all users in the organization to get objects from all buckets.
[ORG-ID] with your organization’s ID.
Always include a
Condition with cw:PrincipalOrgID when using "Principal": "*". Without it, the bucket is accessible to anyone on the internet, not just users in your organization.All buckets read-only for all users in your organization
Limit to a specific prefix
This policy restricts theListBucket action to a specific prefix within a bucket. It has two statements:
- The first statement allows the user to list objects in the bucket only if the prefix matches
projects. - The second statement denies the user from listing objects in the bucket if the prefix doesn’t match
projects.
projects prefix. An explicit Deny statement blocks the user from listing any other keys, even if other policies grant broader permissions. For instance, the user might later receive permissions to list all keys through an updated user policy or bucket policy. But because Deny takes precedence over Allow, CoreWeave denies any request to list keys outside the projects prefix.
Replace [BUCKET-NAME] with the name of the bucket and [ORG-ID] with your organization’s ID.
Limit to a specific prefix
Attribute-based access control
Attribute-based access control (ABAC) grants access based on attributes carried by the principal rather than by naming each principal individually. When a principal authenticates, the credential carries a set of attributes, and you reference those attributes in a policyCondition to decide whether to allow or deny the request.
The most common attribute is the principal’s group memberships:
- When a principal authenticates with a CoreWeave API access token, the resulting credentials carry the principal’s SCIM group memberships in the multi-valued
iam:[ORG-ID]:groupscondition key. - When a principal authenticates through OIDC Workload Identity Federation, the groups from the token’s
groupsclaim are carried in the multi-valuedoidc:[ORG-ID]:groupscondition key.
ABAC is different from specifying a group as a
Principal. As described in Key considerations, you can’t name a CoreWeave IAM group as a Principal in a bucket access policy. You can, however, match group memberships in a Condition using the iam:[ORG-ID]:groups and oidc:[ORG-ID]:groups keys, which is the basis for the group-based access examples.Group-based access
This policy grants read access to a bucket only to principals who belong to theadmin group. It uses the multi-valued iam:[ORG-ID]:groups condition key with the ForAnyValue:StringEqualsIgnoreCase set operator, so the request is allowed when any one of the principal’s groups is admin.
Fill in the following parameters:
[ORG-ID]with your organization’s ID.[BUCKET-NAME]with the name of the bucket you want to grant access to.
Always include a
Condition with cw:PrincipalOrgID when using "Principal": "*". Without it, the bucket is accessible to anyone on the internet, not just principals in your organization.Grant read access to members of the admin group
oidc:[ORG-ID]:groups key in place of iam:[ORG-ID]:groups. To require membership in more than one group, list multiple values in the array, or add a separate condition with ForAllValues: to require all of them.
Required policies and actions
Each API call requires permission to perform one or more related actions, and those action names don’t always match the API calls. Some API calls perform multiple actions that require permission to separate actions. For example, copying an object requires permission to perform boths3:PutObject and s3:GetObject actions.
Use the following permission mapping when you plan bucket access policies. See Object Storage API features for a complementary list of API calls mapped to their associated actions.
| Required action permission | API call |
|---|---|
s3:AbortMultipartUpload | s3:AbortMultiPartUpLoad |
s3:CreateBucket | s3:CreateBucket |
s3:DeleteBucket | s3:DeleteBucket |
s3:DeleteObject | s3:DeleteObjects3:DeleteObjectss3:RenameObject |
s3:DeleteObjectTagging | s3:DeleteObjectTagging |
s3:DeleteObjectVersion | s3:DeleteObjects3:DeleteObjects |
s3:DeleteLifecycleConfiguration | s3:DeleteBucketLifeCycle |
s3:DeleteBucketPolicy | s3:DeleteBucketPolicy |
s3:DeleteBucketTagging | s3:DeleteBucketTagging |
s3:GetLifecycleConfiguration | s3:GetBucketLifecycleConfiguration |
s3:GetBucketLocation | s3:GetBucketLocation |
s3:GetBucketPolicy | s3:GetBucketPolicy |
s3:GetBucketTagging | s3:GetBucketTagging |
s3:GetBucketVersioning | s3:GetBucketVersioning |
s3:GetObject | s3:CopyObjects3:GetObjects3:GetObjectAcls3:GetObjectAttributess3:HeadObjects3:UploadPartCopy |
s3:GetObjectTagging | s3:GetObjectTagging |
s3:ListAllMyBuckets | s3:ListBuckets |
s3:ListBucket | s3:GetBucketACLs3:HeadBuckets3:ListObjectsV2s3:ListObjectVersions |
s3:ListMultipartUploadParts | s3:ListParts |
s3:ListBucketMultipartUploads | s3:ListMultiPartUploads |
s3:PutLifecycleConfiguration | s3:PutBucketLifecycleConfiguration |
s3:PutBucketPolicy | s3:PutBucketPolicyIf no policy exists, CoreWeave grants access to create a new policy if the user’s organization ID matches the bucket’s organization. |
s3:PutBucketTagging | s3:PutBucketTagging |
s3:PutBucketVersioning | s3:PutBucketVersioning |
s3:PutObject | s3:CompleteMultiPartUpLoads3:CopyObjects3:CreateMultiPartUpLoads3:PutObjects3:RenameObjects3:UploadParts3:UploadPartCopyPutObject, CompleteMultiPartUpLoad, CopyObject, and RenameObject support conditional writes. |
s3:PutObjectTagging | s3:PutObjectTagging |
Bucket lifecycle policy
Bucket access policies and bucket lifecycle policies are configured separately and serve different purposes. Lifecycle policies automate object expiration, noncurrent version cleanup, and aborting incomplete multipart uploads, but they are not part of the bucket access policy. See Bucket lifecycle policies for the full reference, examples, and apply procedures. Permission to apply a lifecycle configuration is governed by the bucket access policy:s3:PutBucketLifecycleConfigurationcreates or replaces the lifecycle configuration on a bucket.s3:GetBucketLifecycleConfigurationreads the lifecycle configuration on a bucket.s3:DeleteBucketLifeCycleremoves the lifecycle configuration from a bucket.