@@ -551,12 +551,12 @@ private static void processBucketResource(String volumeName, Set<S3Action> mappe
551551 if (prefixes != null && !prefixes .isEmpty ()) {
552552 for (String prefix : prefixes ) {
553553 createObjectResourcesFromConditionPrefix (
554- volumeName , authorizerType , resourceSpec , prefix , objToAclsMap , EnumSet .of (READ ));
554+ volumeName , authorizerType , resourceSpec , prefix , objToAclsMap , EnumSet .of (LIST ));
555555 }
556556 } else {
557- // No condition prefixes, but we need READ access to all objects, so use "*" as the prefix
557+ // No condition prefixes, but we need LIST access to all objects, so use "*" as the prefix
558558 createObjectResourcesFromConditionPrefix (
559- volumeName , authorizerType , resourceSpec , "*" , objToAclsMap , EnumSet .of (READ ));
559+ volumeName , authorizerType , resourceSpec , "*" , objToAclsMap , EnumSet .of (LIST ));
560560 }
561561 }
562562 }
@@ -809,7 +809,7 @@ enum S3Action {
809809 GET_BUCKET_LOCATION ("s3:GetBucketLocation" , ActionKind .BUCKET , EnumSet .of (READ ), EnumSet .of (READ ),
810810 EnumSet .noneOf (ACLType .class )),
811811 // Used for HeadBucket, ListObjects and ListObjectsV2 apis
812- LIST_BUCKET ("s3:ListBucket" , ActionKind .BUCKET , EnumSet .of (READ ), EnumSet .of (READ , LIST ), EnumSet .of (READ )),
812+ LIST_BUCKET ("s3:ListBucket" , ActionKind .BUCKET , EnumSet .of (READ ), EnumSet .of (READ , LIST ), EnumSet .of (LIST )),
813813 // Used for ListMultipartUploads API
814814 LIST_BUCKET_MULTIPART_UPLOADS ("s3:ListBucketMultipartUploads" , ActionKind .BUCKET , EnumSet .of (READ ),
815815 EnumSet .of (READ , LIST ), EnumSet .noneOf (ACLType .class )),
0 commit comments