Amazon S3 buckets are by default private to avoid accidental exposure of personal data by everyone. But it is possible to make an S3 bucket public even if it has already been created as private. Basically two steps are required. Also, you have option to make a very new bucket public almost in the same way.
- Enable appropriate public access settings
- Attach corresponding bucket policies
Steps to make an S3 bucket public
For enabling appropriate public access settings:
1. Sign in to Amazon Web Services and go to your S3 Management Console.
2. You will see the list of all buckets in your Amazon S3. In this list, the bucket mustafagonen.com is open to public access. But the bucket www.example-public-website.com and also its objects are not shared publicly. So let’s click on this bucket and get into it to make it public.
3. We go to the Permissions tab to change it.
4. Then we will go to “Block public access (bucket settings)” section and click on Edit.
5. Just uncheck the “Block all public access” option, and then click the Save button.
So far, what we have done is not enough to make the S3 bucket public. We just unblocked public access. Now we move on to the second phase. To attach a bucket policy. Thus users will be able to access the S3 bucket and perform actions such as reading and writing on prefixes and objects (depending on the attachment policy).
For attaching corresponding bucket policies:
1. Follow the same first three steps above. From the bucket list, click on the bucket name again. Select the Permissions tab again, but this time go to the Bucket Policy section. Click on Edit button which opens the Bucket Policy Editor.
2. You can copy and paste the policy statement below into the editor—this statement grant read-only permission to an anonymous user. DO NOT FORGET!!! >>>Change “www.example-public-website.com” to YOUR BUCKET NAME.<<<
{
"Version":"2012-10-17",
"Statement":[
{
"Sid":"PublicRead",
"Effect":"Allow",
"Principal": "*",
"Action":["s3:GetObject","s3:GetObjectVersion"],
"Resource":["arn:aws:s3:::www.example-public-website.com/*"]
}
]
}You can find more examples by clicking on Policy examples, and you can choose and use the one that suits your needs. Finally, don’t forget to click the Save button at the bottom.
You will see more or less the following screen. The green box on the top states that you have successfully edited your Bucket policy. Also, In the “Permission overview” section, the status appears as “Public” now.
Conclusion
To make an S3 bucket public is not a rocket science. Today, we made the private S3 bucket public using the AWS Console. Making an S3 bucket public is also possible via AWS CLI, SDK, or REST API. Which method do you prefer more often? Please comment on it.
Thanks.
