[DOCS-12486] Add permissions (#32728)

buraizu · web-flow · commit 6d5733962f34 · 2025-11-10T14:59:15.000-05:00
diff --git a/layouts/shortcodes/aws-storage-management.md b/layouts/shortcodes/aws-storage-management.md
@@ -1,3 +1,6 @@
+Storage Management needs the following permissions to enable S3 Inventory on source buckets and read the generated reports from destination buckets:
+
 | Resource Type | Permissions                        |
 | ------------- | ---------------------------------- |
-| aws:s3:bucket | s3:GetAccelerateConfiguration,<br>s3:GetAnalyticsConfiguration,<br>s3:GetBucket*,<br>s3:GetEncryptionConfiguration,<br>s3:GetInventoryConfiguration,<br>s3:GetLifecycleConfiguration,<br>s3:GetMetricsConfiguration,<br>s3:GetReplicationConfiguration,<br>s3:ListBucket,<br>s3:ListAllMyBuckets |
+| aws:s3:bucket | s3:GetAccelerateConfiguration,<br>s3:GetAnalyticsConfiguration,<br>s3:GetBucket*,<br>s3:GetEncryptionConfiguration,<br>s3:GetInventoryConfiguration,<br>s3:GetLifecycleConfiguration,<br>s3:GetMetricsConfiguration,<br>s3:GetObject, // **Note**: This can be scoped to the destination buckets and prefixes<br>s3:GetReplicationConfiguration,<br>s3:ListAllMyBuckets,<br>s3:ListBucket, // **Note**: This can be scoped to the destination buckets and prefixes<br>s3:PutBucketNotification |
+
