Articles → AWS → Create A Policy For The AWS S3 Bucket

Create A Policy For The AWS S3 Bucket

In this article, we will create a policy for the AWS S3 bucket.

Scenario

Whenever we add any file to the S3 bucket, we must make every object public explicitly. To reduce this effort, we will create a policy so that every file added to the S3 bucket will be public.

Creation Of Bucket

First, create a new bucket. At the time of creation make sure that you perform these actions: -

Uncheck the Block all public access checkbox
Check the checkbox I acknowledge that the current settings might result in this bucket and the objects within becoming public.

Picture showing unchecking the checkbox Block all public access to make bucket public

Click to Enlarge

Create The Policy JSON Using The AWS Policy Generator Tool

In the policy generator tool, enter the following values: -

Field	Value
Effect	Allow
Select Type of Policy	S3 Bucket Policy
Principal	*
Actions	GetObject

Picture showing selecting the action as GetObject

Click to Enlarge

In the Amazon Resource Name field, enter the ARN of the bucket.

Field	Value
Amazon Resource Name (ARN)	arn:aws:s3::[bucket Name]/*

Click on the Add Statement button.

Picture showing adding the policy statement using the Add Statement button

Click to Enlarge

Finally, click on the Generate Policy button to generate the policy.

Picture showing the policy json created on click of the Generate Policy button

Click to Enlarge

Add The Policy JSON In S3 Bucket

To add the policy JSON, click on the Properties link. Click on the Edit button in the Bucket policy section.

Picture showing the Edit button for editing the bucket policy

Click to Enlarge

Paste the JSON and click on the Save Changes button. You will get a confirmation message.

Picture showing the confirmation message for the creation of bucket policy

Click to Enlarge

Now, whatever object you add to the bucket will be publicly visible.

IAM Policy Vs Bucket Policy

Scenario	Policy Type
You have numerous S3 buckets and each bucket has different permissions requirement	IAM policy
You want to keep access control policies in the S3 environment	Bucket policy
Your IAM policy has reached its service limits	Bucket policy

Posted By -	Karan Gupta

Posted On -	Saturday, September 25, 2021

Updated On -	Friday, August 5, 2022

Query/Feedback

Your Email Id

Subject

Query/Feedback	Characters remaining 250