@4:40 you say, "yes, you can apply object ACL to individual IAM users but you cannot do it through the console, you have to do it through the CLI or API"
On the AWS S3 ACL Overview page (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) it states: "When using ACLs, a grantee can be an AWS account or one of the predefined Amazon S3 groups. However, the grantee cannot be an IAM user."
Can we get this updated in the course?
You are right. Also you can grant permissions only to other AWS accounts; you cannot grant permissions to users in your account. This was also wrong in the video.
Thank you for helping to clarify this.
I think it is about terminology, AWS account (known as AWS root account), AWS user it is actually AWS IAM user that is related (derived) from an AWS root account.
Am I the only one who wishes AWS would retire ACLs and stick to bucket policies?
policy cumulative limitations on te number of characters is an issue. And therefore i for one thought ACL should be extended to support IAM users. Upto 99/100 usres can be added why would i add 100 accounts (iam users yes).