1 Answers
Check out the link at the end for evaluating policy logic.
The long and short of it, since AWS has a least privilege given, only the actions allowed in the statement will affect certain resources. Despite resources being given a "*" one can only perform S3 actions.
https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html
This allows you to modify all S3 buckets and not a specific bucket. If you entered anything where the astrik is, it would have to be the S3 ARN