Setup an IAM user to manage an S3 bucket

Part of: Hosting assets on S3 + Cloudfront

We can create an IAM user that only has permissions to manage a desired bucket, e.g. S3-assets-manager.

The most basic permissions would be to just list and manage objects in the entire bucket:

    "Version": "2012-10-17",
    "Statement": [
            "Sid": "VisualEditor1",
            "Effect": "Allow",
            "Action": [
            "Resource": [
More Permissions

Permission to list buckets may also be useful in some cases (e.g. if needed for an integration that's bucket-name agnostic).