[SOLVED] What permissions does rclone require for S3?

I’m about to setup a new rclone configuration to sync to S3 (now that Amazon Cloud Drive doesn’t work anymore :-p).

In order to short-circuit some of the setup time, I was wondering if anyone has specifications on what IAM policies would be required for a “least privilege” setup for a backup service to S3?

IOW, can someone share what permissions rclone requires to sync to an S3 bucket? e.g. Besides PutObject does it need ListObject or HeadBucket permissions?

Thanks!

I've figured this out, more info here: