Allow Public Read access to an AWS S3 Bucket


Borislav Hadzhiev

Wed Sep 22 20212 min read

Allow Public Read access to an S3 Bucket #

To allow public read access to an S3 bucket:

  1. Open the AWS S3 console and click on the bucket's name
  2. Click on the Permissions tab
  3. Find the Block public access (bucket settings) section, click on the Edit button, uncheck the checkboxes and click on Save changes

uncheck checkboxes

  1. In the Permissions tab scroll down to the Bucket policy section and click on the Edit button. Paste the following policy into the textarea to grant public read access to all files in your S3 bucket.
Replace the YOUR_BUCKET_NAME placeholder with your bucket's name.
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": "*", "Action": [ "s3:GetObject" ], "Resource": "arn:aws:s3:::YOUR_BUCKET_NAME/*" } ] }

For example, the bucket policy of an s3 bucket with the name my-bucket will look like:

bucket policy

Save the changes you've made to the bucket's policy and your bucket will have public read access enabled.

  1. (Optional) - If you need to access your bucket with http request from the browser, you have update the bucket's Cross-origin resource sharing (CORS) options to allow your frontend's requests

    • In the Permissions tab of your S3 bucket, scroll down to the Cross-origin resource sharing (CORS) section and click on the Edit button

    • Paste the following JSON into the textarea and save the changes

[ { "AllowedHeaders": [ "Authorization", "Content-Length" ], "AllowedMethods": [ "GET" ], "AllowedOrigins": [ "*" ], "ExposeHeaders": [], "MaxAgeSeconds": 3000 } ]

To test that your bucket has public read access enabled:

  1. Click on the Objects tab in your S3 bucket
  2. Click on the checkbox next to a file's name
  3. Click on the Copy URL button at the top, top copy the public URL of the file

copy s3 object url

  1. Paste the url in your browser and you should see the contents of the file (for html files or images)

Note that you'll see a red badge with the text Publicly accessible next to your bucket's name.

publicly accessible badge

In our case the bucket policy only grants public access on the bucket, other people could not add objects to your S3 bucket.

Further Reading #

Join my newsletter

I'll send you 1 email a week with links to all of the articles I've written that week

Buy Me A Coffee