David Johns

Reputation: 1714

How to set access level as "Public" for all files uploading to an S3 bucket?

I have created an S3 bucket and also an API through the AWS API Gateway to upload images to the bucket. The problem is, when I upload an image, to view that image I need to update the access control list (ACL) to Public for each image separately. Even though I set everything to public in the bucket permissions, I still have to update the ACL on each image to access them. How can I set the access level to "Public" for the whole bucket at once?

This is my bucket permissions:

Access: Public

Block all public access: Off

Bucket policy:

{
    "Version": "2012-10-17",
    "Id": "Policy1647249671911",
    "Statement": [
        {
            "Sid": "Stmt1647249649218",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:*",
            "Resource": "arn:aws:s3:::mybucketname"
        }
    ]
}

Access control list (ACL):


Upvotes: 2

Views: 1431

Answers (1)

Marcin

Reputation: 238209

Your current policy is highly insecure and allows anyone to do pretty much anything with your bucket, including changing its policy or deleting it.
The correct bucket policy for public, read-only access is:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "PublicRead",
            "Effect": "Allow",
            "Principal": "*",
            "Action": [
                "s3:GetObject",
                "s3:GetObjectVersion"
            ],
            "Resource": [
                "arn:aws:s3:::DOC-EXAMPLE-BUCKET/*"
            ]
        }
    ]
}

Upvotes: 3
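As an added example (not part of the question or the answer), the following Python sketch audits a bucket policy for the two differences between the policies above: a public principal allowed more than the read-only actions, and a Resource that names only the bucket ARN, which object-level actions such as s3:GetObject do not match. The function names are hypothetical, and the resource check is a simple heuristic.

```python
import json
from fnmatch import fnmatchcase

# Read-only object actions from the answer's policy, lowercased (IAM action names are case-insensitive).
READ_ONLY = {"s3:getobject", "s3:getobjectversion"}
# The two policies from this page, compacted onto one line each.
QUESTION_POLICY = '{"Version": "2012-10-17", "Statement": [{"Sid": "Stmt1647249649218", "Effect": "Allow", "Principal": "*", "Action": "s3:*", "Resource": "arn:aws:s3:::mybucketname"}]}'
ANSWER_POLICY = '{"Version": "2012-10-17", "Statement": [{"Sid": "PublicRead", "Effect": "Allow", "Principal": "*", "Action": ["s3:GetObject", "s3:GetObjectVersion"], "Resource": ["arn:aws:s3:::DOC-EXAMPLE-BUCKET/*"]}]}'

def as_list(value):
    """Policy fields may be a single string or a list of strings."""
    return value if isinstance(value, list) else [value]

def is_public(principal):
    """True for Principal "*" or {"AWS": "*"}, i.e. anonymous access."""
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in as_list(principal.get("AWS", []))

def audit_policy(policy_json):
    """Return a list of findings for public Allow statements in a bucket policy."""
    findings = []
    for stmt in as_list(json.loads(policy_json).get("Statement", [])):
        if stmt.get("Effect") != "Allow" or not is_public(stmt.get("Principal")):
            continue
        sid = stmt.get("Sid", "<no Sid>")
        actions = as_list(stmt.get("Action", []))
        resources = as_list(stmt.get("Resource", []))
        # Any action other than the exact read-only ones (wildcards included) is excessive.
        extra = [a for a in actions if a.lower() not in READ_ONLY]
        if extra:
            findings.append(f"{sid}: public principal allowed {', '.join(extra)}")
        # Does any listed action (possibly a wildcard) include an object read?
        wants_objects = any(fnmatchcase(r, a.lower()) for a in actions for r in READ_ONLY)
        # Heuristic: an ARN reaches objects if its bucket part has a key ("/") or a wildcard.
        names = [r.split(":::", 1)[-1] for r in resources]
        covers_objects = any("/" in n or "*" in n for n in names)
        if wants_objects and not covers_objects:
            findings.append(f"{sid}: Resource has no object ARN (bucket/*), so object reads are not granted")
    return findings

if __name__ == "__main__":
    for label, policy in (("question", QUESTION_POLICY), ("answer", ANSWER_POLICY)):
        print(label, audit_policy(policy) or "no findings")
```

The second finding on the question's policy is why each image still needed its own ACL: the statement matched the bucket itself, not the objects in it.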
