Lets see how to set permissions on our S3 bucket and then we will see the affects of the policy on our S3 bucket.
- Upload a few files in S3 bucket.
- Go to the bucket homepage and click on permissions.
- In the permissions got to the bucket policy section and click edit.
- This takes us to a section where we edit our policies.
- This is our first time generating our policy. So, lets use the policy generator given by Amazon to make our policy. To use AWS policy generator click policy generator button.
AWS policy generator generates policy many different things so select bucket policy from the type of policy.
In this policy we will make our bucket objects public. So that anyone can see them via the url. To do that we set the following on policy generator.
- Effect: Allow - This means who ever falls in this policy will be allowed to do the action defined in the bucket policy.
- Principal: * - This means we ale allowing everyone to action defined in the policy
- Actions: GetObject - This will allow us to set policy for getting the objects from S3 bucket.
- Amazon Resource Name (ARN): Bucket ARN get that from the page where we clicked policy generator and add /*
So we have changed the S3 bucket policy. We will set other policies and how they affect our bucket later on. Next we will study how to host static sites on S3.