Lets see how to set permissions on our S3 bucket and then we will see the affects of the policy on our S3 bucket.
- Upload a few files in S3 bucket.
- Go to the bucket homepage and click on permissions.
- In the permissions got to the bucket policy section and click edit.
- This takes us to a section where we edit our policies.
- This is our first time generating our policy. So, lets use the policy generator given by Amazon to make our policy. To use AWS policy generator click policy generator button.
AWS policy generator generates policy many different things so select bucket policy from the type of policy.
-
In this policy we will make our bucket objects public. So that anyone can see them via the url. To do that we set the following on policy generator.
- Effect: Allow - This means who ever falls in this policy will be allowed to do the action defined in the bucket policy.
- Principal: * - This means we ale allowing everyone to action defined in the policy
- Actions: GetObject - This will allow us to set policy for getting the objects from S3 bucket.
- Amazon Resource Name (ARN): Bucket ARN get that from the page where we clicked policy generator and add /*
Click add statement and after that click on generate policy. A policy is generated.
Copy this policy and paste it in the edit policy section and click on save changes this will not allow you to save the changes still.
This is because there is a block all public access section in our permissions tab. Edit that and allow all public access by unchecking block all public access.
We have changed the bucket policy. Now click on an object in the bucket and click on the URL given it should open it.
So we have changed the S3 bucket policy. We will set other policies and how they affect our bucket later on. Next we will study how to host static sites on S3.
Top comments (0)