Reputation: 539
S3 Bucket Policy for Hosted Static Website
I have an S3 bucket that is being used to host a static website. This example shows a policy that grants everyone access to the objects in the specified bucket (i.e. making the website public):
{
"Version":"2012-10-17",
"Statement":[{
"Sid":"PublicReadGetObject",
"Effect":"Allow",
"Principal": "*",
"Action":["s3:GetObject"],
"Resource":["arn:aws:s3:::example-bucket/*"]
}]
}
However, I want to make the website accessible to only specific Amazon users. So following this documentation, I specify these users in Principal:
{
"Version":"2012-10-17",
"Statement":[{
"Sid":"PublicReadGetObject",
"Effect":"Allow",
"Principal": {
"AWS": "arn:aws:iam::Account-ID:user/Dave"
},
"Action":["s3:GetObject"],
"Resource":["arn:aws:s3:::example-bucket/*"]
}]
}
While this correctly enables permissions for who can access the resource via the S3 console, it results in a 403 for everybody trying to access the hosted website.
Is it possible to have user-level permissions restricting access to a hosted bucket?
Upvotes: 6
Views: 20227
Answers (1)
Reputation: 11931
No, it is not possible to apply user-level permissions to a static web site bucket in S3. From Permissions Required for Website Access:
When you configure a bucket as a website, you must make the objects that you want to serve publicly readable.
Upvotes: 5
Related Questions
- Static web hosting on AWS S3 giving me "403 permission denied"
- aws s3 bucket policy
- IAM Policy: Users cannot access S3 bucket
- Hosting a Static website in S3 Bucket Folder
- AWS S3 Static Site Hosting ACLs and Permissions
- Amazon s3 bucket policy access denied when hosting static webpage
- What is the s3 permission to allow the user the rights to enable the bucket for static website hosting?
- AWS S3 bucket policy
- S3 Principal Bucket Policy Permissions
- s3 bucket policy post