Why are the items in my S3 bucket 403?

I load documents through the AWS API into the S3 bucket. It works great.

Items that are uploaded are marked as private but cannot be viewed online. I can get around this by right-clicking the file in the console and clicking on "Make it public" or using the API to make it public.

Is it possible to make all downloaded files publicly available, so I don’t need to make additional API calls for this?

Below is a screenshot of the permissions for the bucket:

I do not think that this is something related to IAM, since the requesting user is not a user at all, this is a publication.

thanks

+5
1 answer

This can be done using the bucket policy (click the bucket button in the screenshot), e.g.:

    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Sid": "AddPerm",
          "Effect": "Allow",
          "Principal": "*",
          "Action": ["s3:GetObject"],
          "Resource": ["arn:aws:s3:::examplebucket/*"]
        }
      ]
    }

(see "Granting read-only permissions to an anonymous user" at https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html )

This allows anyone ( * ) to perform GetObject on any item in the bucket, instead of setting permissions for each item.

+4
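An added example, not part of the original answer: an offline check that lists what a bucket policy grants to anonymous callers, so a policy like the one above can be confirmed to expose only s3:GetObject before it is attached. The function names and the READ_ONLY allow-list are assumptions made for this illustration.

```python
import json

# The policy from the answer above, verbatim.
ANSWER_POLICY = json.loads("""
{"Version":"2012-10-17","Statement":[{"Sid":"AddPerm","Effect":"Allow",
 "Principal":"*","Action":["s3:GetObject"],
 "Resource":["arn:aws:s3:::examplebucket/*"]}]}
""")

# Assumption: the only action that is meant to be public (compared lowercased).
READ_ONLY = {"s3:getobject"}


def _as_list(value):
    """Policy fields may hold a single string or a list of strings."""
    return [value] if isinstance(value, str) else list(value or [])


def _is_anonymous(principal):
    """True for "*" and for {"AWS": "*"} (string or list form)."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS"))
    return False


def anonymous_grants(policy):
    """Return one finding per Allow statement that applies to everyone.

    Only Principal/Action statements are inspected; NotPrincipal and
    NotAction are out of scope for this sketch.
    """
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):  # a single statement is also valid
        statements = [statements]
    findings = []
    for stmt in statements:
        if stmt.get("Effect") != "Allow" or not _is_anonymous(stmt.get("Principal")):
            continue
        actions = _as_list(stmt.get("Action"))
        findings.append({
            "sid": stmt.get("Sid"),
            "actions": actions,
            "resources": _as_list(stmt.get("Resource")),
            # Wildcards such as "s3:*" or "s3:Get*" land here as well.
            "excessive_actions": [a for a in actions if a.lower() not in READ_ONLY],
            "conditional": "Condition" in stmt,
        })
    return findings
```

An empty excessive_actions list for every finding means anonymous callers can read objects but cannot list, write or delete them.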
Source: https://habr.com/ru/post/1274708/