diff --git a/portal-ui/src/common/SecureComponent/__tests__/accessControl.test.ts b/portal-ui/src/common/SecureComponent/__tests__/accessControl.test.ts
index 93aef080d..71095aa0d 100644
--- a/portal-ui/src/common/SecureComponent/__tests__/accessControl.test.ts
+++ b/portal-ui/src/common/SecureComponent/__tests__/accessControl.test.ts
@@ -17,6 +17,7 @@
 import hasPermission from "../accessControl";
 import { store } from "../../../store";
 import { SESSION_RESPONSE } from "../../../screens/Console/actions";
+import { IAM_PAGES, IAM_PAGES_PERMISSIONS, IAM_SCOPES } from "../permissions";
 const setPolicy1 = () => {
 store.dispatch({
@@ -52,6 +53,49 @@ const setPolicy1 = () => {
 },
 });
 };
+const setPolicy2 = () => {
+ store.dispatch({
+ type: SESSION_RESPONSE,
+ message: {
+ distributedMode: true,
+ operator: false,
+ features: [],
+ permissions: {
+ "arn:aws:s3:::bucket-svc": [
+ "admin:CreateServiceAccount",
+ "s3:GetBucketLocation",
+ "s3:ListBucket",
+ "s3:ListBucketMultipartUploads",
+ "s3:ListMultipartUploadParts",
+ "admin:CreateUser",
+ ],
+ "arn:aws:s3:::bucket-svc/prefix1/*": [
+ "admin:CreateUser",
+ "admin:CreateServiceAccount",
+ "s3:GetObject",
+ "s3:PutObject",
+ ],
+ "arn:aws:s3:::bucket-svc/prefix1/ini*": [
+ "admin:CreateServiceAccount",
+ "s3:*",
+ "admin:CreateUser",
+ ],
+ "arn:aws:s3:::bucket-svc/prefix1/jars*": [
+ "admin:CreateUser",
+ "admin:CreateServiceAccount",
+ "s3:*",
+ ],
+ "arn:aws:s3:::bucket-svc/prefix1/logs*": [
+ "admin:CreateUser",
+ "admin:CreateServiceAccount",
+ "s3:*",
+ ],
+ "console-ui": ["admin:CreateServiceAccount", "admin:CreateUser"],
+ },
+ status: "ok",
+ },
+ });
+};
 test("Upload button disabled", () => {
 setPolicy1();
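Review bot: `setPolicy2` carries no comment saying which access pattern it models, so a reader has to compare it with `setPolicy1` entry by entry to see why a second fixture exists. A one-line comment above it would do, for example `// List-only S3 grants on the bare ARN arn:aws:s3:::bucket-svc; object grants exist only under prefix1/`. That also makes it clear which assertions against this fixture should come out as denied.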
@@ -64,3 +108,18 @@ test("Upload button enabled valid prefix", () => {
 true
 );
 });
+
+test("Can Browse Bucket", () => {
+ setPolicy2();
+ expect(
+ hasPermission(
+ "bucket-svc",
+ IAM_PAGES_PERMISSIONS[IAM_PAGES.BUCKETS_BROWSE_VIEW]
+ )
+ ).toBe(true);
+});
+
+test("Can List Objects In Bucket", () => {
+ setPolicy2();
+ expect(hasPermission("bucket-svc", [IAM_SCOPES.S3_LIST_BUCKET])).toBe(true);
+});
diff --git a/portal-ui/src/common/SecureComponent/accessControl.ts b/portal-ui/src/common/SecureComponent/accessControl.ts
index 41edd811f..a6b40910c 100644
--- a/portal-ui/src/common/SecureComponent/accessControl.ts
+++ b/portal-ui/src/common/SecureComponent/accessControl.ts
@@ -82,8 +82,16 @@ const hasPermission = (
 const simpleResources = get(sessionGrants, rsItem, []);
 const s3Resources = get(sessionGrants, `arn:aws:s3:::${rsItem}/*`, []);
+ const bucketOnly = get(sessionGrants, `arn:aws:s3:::${rsItem}/`, []);
+ const bckOnlyNoSlash = get(sessionGrants, `arn:aws:s3:::${rsItem}`, []);
- resourceGrants = [...simpleResources, ...s3Resources, ...wildcardGrants];
+ resourceGrants = [
+ ...simpleResources,
+ ...s3Resources,
+ ...wildcardGrants,
+ ...bucketOnly,
+ ...bckOnlyNoSlash,
+ ];
 if (containsResource) {
 const matchResource = `arn:aws:s3:::${rsItem}`;
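Review bot: Both tests added to accessControl.test.ts assert only the allowed outcome, so they would still pass if `hasPermission` returned true for every input once the bare-ARN lookup is merged in. `setPolicy2` grants `s3:PutObject` only under `bucket-svc/prefix1/*`, which gives a ready deny case: `expect(hasPermission("bucket-svc", ["s3:PutObject"])).toBe(false);`. A second deny case for a bucket name absent from the policy would help too. The expected `false` depends on parts of `hasPermission` outside this diff, so confirm it before pinning the assertion.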
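Review bot: In accessControl.ts the grants looked up under the bare bucket ARN are spread into the same flat `resourceGrants` list as the `/*` object grants, so the result cannot tell an action allowed on the bucket from one allowed on its objects. That over-approximation is fine for deciding what the UI shows, but the code should say so, for example `// UI gating only: bucket-level and object-level grants are merged here; the server still authorizes every request`. The two new names also abbreviate differently (`bucketOnly` vs `bckOnlyNoSlash`); a pair such as `bucketArnSlashGrants` / `bucketArnGrants` would read more clearly. The body of `hasPermission` starts and ends outside this hunk, so how `resourceGrants` is used in the `containsResource` branch is not visible here.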