With Amazon S3 bucket policies, you can secure access to objects in your buckets, so that only users with the appropriate permissions can access them. You can even prevent authenticated users without the appropriate permissions from accessing your Amazon S3 resources.
This section presents examples of typical use cases for bucket policies. These sample policies use DOC-EXAMPLE-BUCKET as the resource value. To test these policies, replace the user input placeholders with your own information (such as your bucket name).
To grant or deny permissions to a set of objects, you can use wildcard characters (*) in Amazon Resource Names (ARNs) and other values. For example, you can control access to groups of objects that begin with a common prefix or end with a given extension, such as .html.
For information about bucket policies, see Using bucket policies. For more information about AWS Identity and Access Management (IAM) policy language, see