ACLs
In S3, almost all permissions are set on a bucket level. So after #53 (closed) is done, these can be added as ACLs to these buckets, combining them with the users from the "database" ( #41 (closed) ).
So after some users got access (read/write) to certain buckets we can add a check and corresponding error messages to every incoming request.
For more information see https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html
Edited by Sophie Wenzel-Teuber