You can use this policy when you want to make your bucket public and all its objects too.
Bucket policy to grant access to public
{
“Version”: “2012-10-17”,
“Id”: “Policy1652414648748”,
“Statement”: [
{
“Sid”: “Stmt1652414646357”,
“Effect”: “Allow”,
“Principal”: ““, “Action”: “s3:“,
“Resource”: “arn:aws:s3:::GIVE_YOUR_BUCKET_NAME/*”
}
]
}
Explanation of Each Line
Version”: “2012-10-17”: Specifies the version of the policy language used.
Id”: “Policy1652414648748”: An optional identifier for the policy.
Statement”: […]: An array of statements defining permissions.
Sid”: “Stmt1652414646357”: An optional identifier for the statement.
Effect”: “Allow”: Indicates that the statement grants permission.
Principal”: “*”: Grants permission to anyone (represented by the asterisk).
Action”: “s3:*”: Allows all actions on S3 resources.
Resource”: “arn:aws:s3:::GIVE_YOUR_BUCKET_NAME/*”: Specifies the resource to which the permissions apply, in this case, all objects in the specified bucket.
What the Policy Does
This policy grants full control (read, write, delete) over all objects in the specified S3 bucket to anyone. It’s essentially making the entire bucket and its contents public.
Security Implications
Granting public access to an S3 bucket is generally not recommended due to security risks. Sensitive data could be exposed to unauthorized users. It’s crucial to carefully evaluate the need for public access and implement appropriate security measures if necessary.
To restrict access, you can modify the Principal, Action, and Resource elements to specify who can perform which actions on specific objects or parts of the bucket.
**Remember after the bucket name and after the “/” you can give any particular file or folder name and only that
will be accessible, in our case we gave *, which means everything in the bucket is publicly accessible.