Sunday, January 9, 2022

How to enable public access for an Amazon S3 bucket

In this tutorial, we are going to learn how to enable public access for an S3 bucket so that we can access the content or assets in that bucket.

Log in to your Amazon console and go to the S3 service. There we can see the list of all the buckets. Click on the bucket for which we want to set public access.

In this tutorial, we will learn two ways to give public access.

One is for a specific server IP only, i.e. only the server with the corresponding IP can access the content of the S3 bucket.

The other is fully public, i.e. the content of the bucket is accessible to anyone who has the object link.

Grant public access only for a specific server or server IP

Click on the Permissions tab.

There you can see the Bucket policy option. Click on Edit and add the following JSON config.

{
	"Version": "2012-10-17",
	"Id": "S3PolicyId1",
	"Statement": [
		{
			"Sid": "IPAllow",
			"Effect": "Allow",
			"Principal": "*",
			"Action": "s3:*",
			"Resource": "arn:aws:s3:::bucket_name/*",
			"Condition": {
				"IpAddress": {
					"aws:SourceIp": "34.188.236.204"
				}
			}
		}
	]
}

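Note: replace bucket_name with your own bucket name and 34.188.236.204 with your server's IP address. The action s3:* allows every object-level operation, including upload and delete, for any request arriving from that address; if the server only needs to read objects, list s3:GetObject instead.

Click Save Changes and we are good to go. Here we are only allowing the IP address 34.188.236.204, i.e. the objects are only accessible from this server.

Grant public access to everyone who has the S3 object links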


For this, under the Permissions tab go to Block public access (bucket settings) and click on the Edit button. Now uncheck Block all public access and save the changes.

Now, go to the Bucket policy option and add the following JSON config.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "PublicRead",
            "Effect": "Allow",
            "Principal": "*",
            "Action": [
                "s3:GetObject",
                "s3:GetObjectVersion"
            ],
            "Resource": "arn:aws:s3:::bucket_name/*"
        }
    ]
}

Note: replace bucket_name above with your own bucket name.

Click Save Changes. We are good: now all the objects inside this bucket can be accessed by anyone who has the object's S3 link.
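
To check what each of the two policies above really grants before saving it, here is an added example (not part of the original tutorial) that reads a bucket policy and reports, for every statement open to any principal, whether it is limited by source IP and which read and write actions it allows. The function names and the short list of probed actions are assumptions of this sketch; the two sample policies are the ones shown above.

```python
import json
from fnmatch import fnmatchcase

# Object actions probed against each statement's Action patterns.
READ = ("s3:GetObject", "s3:GetObjectVersion")
WRITE = ("s3:PutObject", "s3:DeleteObject")

# The tutorial's two policies, with its bucket_name placeholder and sample IP.
IP_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Sid": "IPAllow", "Effect": "Allow", "Principal": "*", "Action": "s3:*",
    "Resource": "arn:aws:s3:::bucket_name/*",
    "Condition": {"IpAddress": {"aws:SourceIp": "34.188.236.204"}}}]})
PUBLIC_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
    "Action": ["s3:GetObject", "s3:GetObjectVersion"],
    "Resource": "arn:aws:s3:::bucket_name/*"}]})

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _is_anonymous(principal):
    # "*" and {"AWS": "*"} both match any caller, authenticated or not.
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in _as_list(principal.get("AWS", []))

def _source_ips(condition):
    # Collect aws:SourceIp values under an IpAddress operator.
    ips = []
    for operator, keys in condition.items():
        if operator.lower() == "ipaddress":
            ips += [ip for k, v in keys.items() if k.lower() == "aws:sourceip"
                    for ip in _as_list(v)]
    return ips

def audit(policy_text):
    """One finding per Allow statement open to any principal (NotAction/NotPrincipal ignored)."""
    findings = []
    for stmt in _as_list(json.loads(policy_text)["Statement"]):
        if stmt.get("Effect") != "Allow" or not _is_anonymous(stmt.get("Principal")):
            continue
        patterns = [a.lower() for a in _as_list(stmt.get("Action", []))]
        granted = lambda acts: [a for a in acts
                                if any(fnmatchcase(a.lower(), p) for p in patterns)]
        ips = _source_ips(stmt.get("Condition", {}))
        scope = "source-ip" if ips else "conditional" if "Condition" in stmt else "public"
        findings.append({"sid": stmt.get("Sid"), "scope": scope, "source_ips": ips,
                         "read": granted(READ), "write": granted(WRITE)})
    return findings
```

Call audit() on the JSON text you are about to paste into the Bucket policy editor; a finding with scope "public" and a non-empty "write" list means anyone on the internet could modify objects.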
