How to securely manage multiple buckets with separate segments in AWS

Hi, how can I manage multiple buckets and stay safe on security restrictions by separate segments on the same AWS account?

Put policies on the buckets and lock them down to specific actions by specific IAM roles?

You can even set the policies to restrict to specific prefixes on objects within the buckets.

If needed for some reason.
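The approach suggested in the replies above, sketched as an added example that is not part of the original thread: one bucket policy per segment that allows a single IAM role a fixed set of object actions under one prefix and explicitly denies everything else. The account ID, bucket names, role names, prefixes and the `storage-admin` exemption are constructed placeholders, and the policy assumes object-level actions only.

```python
import json

# Constructed sample data: account ID, bucket, role and prefix names are placeholders.
ACCOUNT = "111122223333"
SEGMENTS = {
    "finance": {"bucket": "example-finance-data", "role": "finance-app",
                "prefix": "reports/", "actions": ["s3:GetObject", "s3:PutObject"]},
    "marketing": {"bucket": "example-marketing-assets", "role": "marketing-app",
                  "prefix": "", "actions": ["s3:GetObject"]},
}
ADMIN_ROLE = f"arn:aws:iam::{ACCOUNT}:role/storage-admin"  # hypothetical admin role


def segment_bucket_policy(bucket, role_arn, actions, prefix="", admin_arns=()):
    """Bucket policy giving one IAM role the listed actions under one prefix."""
    bucket_arn = f"arn:aws:s3:::{bucket}"
    scoped = f"{bucket_arn}/{prefix}*"
    everything = [bucket_arn, f"{bucket_arn}/*"]
    is_role = {"ArnEquals": {"aws:PrincipalArn": role_arn}}
    not_allowed = {"ArnNotEquals": {"aws:PrincipalArn": [role_arn, *admin_arns]}}
    return {"Version": "2012-10-17", "Statement": [
        # The segment role gets only these actions, only under the prefix.
        {"Sid": "AllowSegmentRole", "Effect": "Allow", "Principal": {"AWS": role_arn},
         "Action": sorted(actions), "Resource": scoped},
        # An explicit deny overrides identity-policy allows, so other principals
        # in the account get nothing. Admins are exempted to avoid a lockout.
        {"Sid": "DenyOtherPrincipals", "Effect": "Deny", "Principal": "*",
         "Action": "s3:*", "Resource": everything, "Condition": not_allowed},
        # Keep the role inside its action list and its prefix even if its
        # own identity policy is broader.
        {"Sid": "DenyRoleOtherActions", "Effect": "Deny", "Principal": "*",
         "NotAction": sorted(actions), "Resource": everything, "Condition": is_role},
        {"Sid": "DenyRoleOutsidePrefix", "Effect": "Deny", "Principal": "*",
         "Action": "s3:*", "NotResource": scoped, "Condition": is_role},
    ]}


def build_all(segments=SEGMENTS):
    """Return {bucket_name: policy_dict}, one policy per segment."""
    return {s["bucket"]: segment_bucket_policy(
                s["bucket"], f"arn:aws:iam::{ACCOUNT}:role/{s['role']}",
                s["actions"], s["prefix"], [ADMIN_ROLE])
            for s in segments.values()}


if __name__ == "__main__":
    for bucket, policy in build_all().items():
        print(f"# {bucket}\n{json.dumps(policy, indent=2)}")
```

Each printed document can be attached to its bucket as the bucket policy; review the exempted admin ARNs before applying, since the deny statements apply to every other principal in the account.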