Here you have to use the ListObjectsV2 operation. To use this operation you must have READ access to the bucket. To use this in an IAM policy you must have permissions to perform the s3:ListBucket action. The bucket owner has this permission by default and can grant permission to others