re: GraphQL Tutorial - How to Manage Image & File Uploads & Downloads with AWS AppSync & AWS Amplify VIEW POST


Nader, when I set my S3 bucket to public per instruction I got a warning in AWS S3 console:

This bucket has public access
You have provided public access to this bucket. We highly recommend that you never grant any kind of public access to your S3 bucket.

Does it mean that anyone can use this S3 bucket???
Please let me know


Yes, if you set a bucket of folder in a bucket public, anyone can read from that bucket. I put a warning letting the readers know about this as it is not recommended by AWS security policy, but many people ask for or want this functionality so I showed how it could be done as well.


Can public users of the S3 bucket just read from it or write into it as well? How to make it more secure?

Ah, no they would only be able to read from it using the instructions here. To make it secure from reads as well, see the other example I provided in this tutorial.

code of conduct - report abuse