Restricting access to s3 objects

I want to restrict access to s3 objects. It should be accessible to an IAM user externally in an IDE called anypoint studio & and also to an application hosted on another cloud called Anypoint cloudhub. Can someone point me in the right direction?

You can make use of AWS S3 -> Resource policy to allow specific principal(s) to access object(s) in the bucket. If you think that using Resource Policy creates a lot of messy policy then you can also look at S3 Access Points.