Adding a Bucket Policy to an S3 Bucket
- Sign in to the AWS Management Console and open the Amazon S3 console at https://console.aws.amazon.com/s3/.
- In the Bucket name list, choose the name of the bucket that you want to create a bucket policy for or whose bucket policy you want to edit.
- Choose Permissions, and then choose Bucket Policy.
- In the Bucket policy editor text box, type or copy and paste a new bucket policy, or edit an existing policy. The bucket policy is a JSON file. The text you type in the editor must be valid JSON.
- Choose Save.

Some example policies:
- Granting Read-Only Permission to an Anonymous User

  {
    "Version": "2012-10-17",
    "Statement": [
      {
        "Sid": "PublicRead",
        "Effect": "Allow",
        "Principal": "*",
        "Action": ["s3:GetObject"],
        "Resource": ["arn:aws:s3:::examplebucket/*"]
      }
    ]
  }

- Restricting Access to a Specific HTTP Referer (aws:Referer condition key)

  {
    "Version": "2012-10-17",
    "Id": "http referer policy example",
    "Statement": [
      {
        "Sid": "Allow get requests originating from www.example.com and example.com.",
        "Effect": "Allow",
        "Principal": "*",
        "Action": "s3:GetObject",
        "Resource": "arn:aws:s3:::examplebucket/*",
        "Condition": {
          "StringLike": {
            "aws:Referer": ["http://www.example.com/*", "http://example.com/*"]
          }
        }
      }
    ]
  }
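Both example policies set "Principal" to "*", so it helps to review the policy text before choosing Save. The following check is an added example, not part of the original page or of any AWS tool; the function names are hypothetical, the second policy's Sid is shortened, and the truncated input is constructed. It confirms the text is valid JSON and reports every Allow statement that applies to anonymous callers.

```python
import json

# Constructed inputs: the page's two example policies (the second Sid is
# shortened here) and a truncated paste that is not valid JSON.
PUBLIC_READ = """{"Version":"2012-10-17","Statement":[{"Sid":"PublicRead",
 "Effect":"Allow","Principal":"*","Action":["s3:GetObject"],
 "Resource":["arn:aws:s3:::examplebucket/*"]}]}"""
REFERER = """{"Version":"2012-10-17","Id":"http referer policy example",
 "Statement":[{"Sid":"AllowFromExampleCom","Effect":"Allow","Principal":"*",
 "Action":"s3:GetObject","Resource":"arn:aws:s3:::examplebucket/*",
 "Condition":{"StringLike":{"aws:Referer":
   ["http://www.example.com/*","http://example.com/*"]}}}]}"""
TRUNCATED = PUBLIC_READ[:-1]  # final "}" lost while copying

def _as_list(value):
    return value if isinstance(value, list) else [value]

def is_anonymous(principal):
    """True when Principal is "*" or {"AWS": "*"}, i.e. any caller."""
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS", []))
    return principal == "*"

def review_policy(text):
    """Return (sid, finding) pairs for invalid JSON and anonymous Allow statements."""
    try:
        policy = json.loads(text)
    except json.JSONDecodeError as exc:
        return [(None, f"invalid JSON: {exc.msg} (line {exc.lineno})")]
    if not isinstance(policy, dict):
        return [(None, "invalid policy: top level must be a JSON object")]
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow" or not is_anonymous(stmt.get("Principal")):
            continue
        sid = stmt.get("Sid", "<no Sid>")
        # Condition maps operator -> {condition key: values}; collect the keys.
        keys = {k.lower() for op in stmt.get("Condition", {}).values() for k in op}
        if not keys:
            findings.append((sid, "public: anonymous Allow with no Condition"))
        elif keys == {"aws:referer"}:
            findings.append((sid, "anonymous Allow gated only by aws:Referer, "
                                  "a header the client chooses"))
        else:
            findings.append((sid, "anonymous Allow conditioned on " + ", ".join(sorted(keys))))
    return findings

if __name__ == "__main__":
    for name in ("PUBLIC_READ", "REFERER", "TRUNCATED"):
        print(name, review_policy(globals()[name]))
```

A statement flagged for the first policy means every object under examplebucket/* is readable without credentials; the second is flagged separately because the Referer value is supplied by the requesting client.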