To allow public read access to an S3 bucket, update the bucket's permissions to unblock public access and update the bucket's policy to grant public read.

Allow Public Read access to an AWS S3 Bucket


## Allow Public Read access to an S3 Bucket

**To allow public read access to an S3 bucket:**

1. Open the AWS S3 console and click on the bucket's name
2. Click on the `Permissions` tab
3. Find the `Block public access (bucket settings)` section, click on the `Edit`
   button, uncheck the checkboxes and click on `Save changes`

![uncheck checkboxes](/images/blog/aws-s3-allow-public-read-access/uncheck-checkboxes.webp)

4. In the `Permissions` tab scroll down to the `Bucket policy` section and click
   on the `Edit` button. Paste the following policy into the textarea to grant
   public read access to all files in your S3 bucket.

<Alert>
  Replace the <code>YOUR_BUCKET_NAME</code> placeholder with your bucket's name.
</Alert>

```json:bucket-policy-public-read
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": [
        "s3:GetObject"
      ],
      "Resource": "arn:aws:s3:::YOUR_BUCKET_NAME/*"
    }
  ]
}
```

For example, the bucket policy of an s3 bucket with the name `my-bucket` will
look like:

![bucket policy](/images/blog/aws-s3-allow-public-read-access/bucket-policy.webp)

Save the changes you've made to the bucket's policy and your bucket will have
public read access enabled.

5. (Optional) - If you need to access your bucket with http request from the
   browser, you have update the bucket's **Cross-origin resource sharing
   (CORS)** options to allow your frontend's requests

   - In the `Permissions` tab of your S3 bucket, scroll down to the
     `Cross-origin resource sharing (CORS)` section and click on the `Edit`
     button

   - Paste the following JSON into the textarea and save the changes

```json:cors-configuration
[
  {
      "AllowedHeaders": [
          "Authorization",
          "Content-Length"
      ],
      "AllowedMethods": [
          "GET"
      ],
      "AllowedOrigins": [
          "*"
      ],
      "ExposeHeaders": [],
      "MaxAgeSeconds": 3000
  }
]
```

**To test that your bucket has public read access enabled:**

1. Click on the `Objects` tab in your S3 bucket
2. Click on the checkbox next to a file's name
3. Click on the `Copy URL` button at the top, top copy the public URL of the
   file

![copy s3 object url](/images/blog/aws-s3-allow-public-read-access/copy-s3-object-url.webp)

4. Paste the url in your browser and you should see the contents of the file
   (for html files or images)

Note that you'll see a red badge with the text `Publicly accessible` next to
your bucket's name.

![publicly accessible badge](/images/blog/aws-s3-allow-public-read-access/publicly-accessible-badge.webp)

In our case the bucket policy only grants public access on the bucket, other
people could not add objects to your S3 bucket.

<InArticleAd />

## Further Reading

- [AWS CDK Tutorial for Beginners - Step-by-Step Guide](/blog/aws-cdk-tutorial-typescript)
- [How does AWS CDK work](/blog/how-does-aws-cdk-work)
- [What is a Token in AWS CDK](/blog/what-is-aws-cdk-token)
- [CDK Constructs - Complete Guide](/blog/cdk-constructs-tutorial)
- [What is an identifier (id) in AWS CDK](/blog/aws-cdk-identifiers)
- [How to use Context in AWS CDK](/blog/how-to-use-context-aws-cdk)
- [How to use Parameters in AWS CDK](/blog/aws-cdk-parameters-example)

<InArticleAd />


Allow Public Read access to an AWS S3 Bucket

Allow Public Read access to an S3 Bucket #

Further Reading #

Borislav Hadzhiev

For more articles, navigate to myHome Page

Allow Public Read access to an AWS S3 Bucket

Allow Public Read access to an S3 Bucket #

Further Reading #

Join my newsletter

Borislav Hadzhiev

For more articles, navigate to myHome Page