QT-DevOps / AWSIssues

Issues with AWS
Apache License 2.0

Question related to policy creation #24

Closed jayshah7 closed 5 years ago

jayshah7 commented 5 years ago
  1. If I want to give access to only the S3 bucket named A and deny all the rest, can’t I just use Effect: Allow and resource as A? Do I really need to specify Deny for the rest of the buckets?
  2. I was checking an example for giving read/write access to an S3 object, including console access, and have the questions below: (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_examples_s3_rw-bucket-console.html)
    1. How can we get the list of actions needed for anything, for example console access? If you see below, there are 6 actions mentioned for console access; how can we get this?
    2. What does SID here mean, and can we write any meaningful text?

    ```json
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Sid": "ConsoleAccess",
          "Effect": "Allow",
          "Action": [
            "s3:GetAccountPublicAccessBlock",
            "s3:GetBucketAcl",
            "s3:GetBucketLocation",
            "s3:GetBucketPolicyStatus",
            "s3:GetBucketPublicAccessBlock",
            "s3:ListAllMyBuckets"
          ],
          "Resource": "*"
        },
        {
          "Sid": "ListObjectsInBucket",
          "Effect": "Allow",
          "Action": "s3:ListBucket",
          "Resource": ["arn:aws:s3:::bucket-name"]
        },
        {
          "Sid": "AllObjectActions",
          "Effect": "Allow",
          "Action": "s3:*Object",
          "Resource": ["arn:aws:s3:::bucket-name/*"]
        }
      ]
    }
    ```
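
Added example, not part of the original issue or of the linked AWS documentation: a simplified evaluator for a single identity-based policy, showing that a request matching no `Allow` statement is denied by default and that an explicit `Deny` overrides a matching `Allow`. The bucket name `A` comes from the question; the function name `evaluate` and the sample object keys are assumptions, and conditions, `NotAction`/`NotResource`, bucket policies, permission boundaries and SCPs are not modelled.

```python
import fnmatch

# Constructed policy: the statements quoted above, scoped to a bucket named "A".
POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "ListObjectsInBucket", "Effect": "Allow",
         "Action": "s3:ListBucket", "Resource": ["arn:aws:s3:::A"]},
        {"Sid": "AllObjectActions", "Effect": "Allow",
         "Action": "s3:*Object", "Resource": ["arn:aws:s3:::A/*"]},
    ],
}


def _matches(patterns, value, fold_case=False):
    """True if value matches any pattern; '*' and '?' are wildcards."""
    patterns = patterns if isinstance(patterns, list) else [patterns]
    if fold_case:  # IAM action names are case-insensitive, ARNs are not
        value, patterns = value.lower(), [p.lower() for p in patterns]
    # fnmatchcase also treats '[' specially; fine for this sample, not for real ARNs
    return any(fnmatch.fnmatchcase(value, p) for p in patterns)


def evaluate(policy, action, resource):
    """Return (decision, sid): explicit Deny wins, then Allow, else implicit deny."""
    allow_sid = None
    for stmt in policy["Statement"]:
        if not (_matches(stmt["Action"], action, fold_case=True)
                and _matches(stmt["Resource"], resource)):
            continue
        if stmt["Effect"] == "Deny":
            return "ExplicitDeny", stmt.get("Sid")
        if allow_sid is None:
            allow_sid = stmt.get("Sid", "<no Sid>")
    if allow_sid is not None:
        return "Allow", allow_sid
    return "ImplicitDeny", None  # no statement matched: denied by default


if __name__ == "__main__":
    # Constructed requests against bucket A (allowed) and bucket B (never mentioned).
    for action, resource in [
        ("s3:GetObject", "arn:aws:s3:::A/report.csv"),
        ("s3:GetObject", "arn:aws:s3:::B/report.csv"),
        ("s3:ListBucket", "arn:aws:s3:::B"),
    ]:
        print(action, resource, evaluate(POLICY, action, resource))
```
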
amit2793 commented 5 years ago

Hi, jayshah, have you joined the online learning of AWS?