Allow Public Read access to an AWS S3 Bucket


Borislav Hadzhiev

Last updated: Jul 25, 2022


Photo from Unsplash

Allow Public Read access to an S3 Bucket #

To allow public read access to an S3 bucket:

  1. Open the AWS S3 console and click on the bucket's name
  2. Click on the Permissions tab
  3. Find the Block public access (bucket settings) section, click on the Edit button, uncheck the checkboxes and click on Save changes

uncheck checkboxes

  1. In the Permissions tab, scroll down to the Bucket policy section and click on the Edit button. Paste the following policy into the textarea to grant public read access to all files in your S3 bucket.
Replace the YOUR_BUCKET_NAME placeholder with your bucket's name.
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": "*", "Action": [ "s3:GetObject" ], "Resource": "arn:aws:s3:::YOUR_BUCKET_NAME/*" } ] }

For example, the bucket policy of an s3 bucket with the name my-bucket will look like:

bucket policy

Save the changes you've made to the bucket's policy and your bucket will have public read access enabled.

  1. (Optional) - If you need to access your bucket with HTTP requests from the browser, you have update the bucket's Cross-origin resource sharing (CORS) options to allow your frontend's requests

    • In the Permissions tab of your S3 bucket, scroll down to the Cross-origin resource sharing (CORS) section and click on the Edit button

    • Paste the following JSON into the textarea and save the changes

[ { "AllowedHeaders": [ "Authorization", "Content-Length" ], "AllowedMethods": [ "GET" ], "AllowedOrigins": [ "*" ], "ExposeHeaders": [], "MaxAgeSeconds": 3000 } ]

To test that your bucket has public read access enabled:

  1. Click on the Objects tab in your S3 bucket.
  2. Click on the checkbox next to a file's name.
  3. Click on the Copy URL button at the top and copy the public URL of the file.

copy s3 object url

  1. Paste the URL in your browser and you should see the contents of the file (for html files or images).

Note that you'll see a red badge with the text Publicly accessible next to your bucket's name.

publicly accessible badge

In this case, the bucket policy only grants public read access to the bucket, so other people can't add objects to your S3 bucket.

Further Reading #

I wrote a book in which I share everything I know about how to become a better, more efficient programmer.
book cover
You can use the search field on my Home Page to filter through all of my articles.