Allow Public Read access to an AWS S3 Bucket

Allow Public Read access to an S3 Bucket #

To allow public read access to an S3 bucket:

1. Open the AWS S3 console and click on the bucket's name
2. Click on the Permissions tab
3. Find the Block public access (bucket settings) section, click on the Edit button, uncheck the checkboxes and click on Save changes

4. In the Permissions tab, scroll down to the Bucket policy section and click on the Edit button. Paste the following policy into the textarea to grant public read access to all files in your S3 bucket.

Copied!
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": [
        "s3:GetObject"
      ],
      "Resource": "arn:aws:s3:::YOUR_BUCKET_NAME/*"
    }
  ]
}

For example, the bucket policy of an s3 bucket with the name my-bucket will look like:

Save the changes you've made to the bucket's policy and your bucket will have public read access enabled.

5. (Optional) - If you need to access your bucket with HTTP requests from the browser, you have update the bucket's Cross-origin resource sharing (CORS) options to allow your frontend's requests

   • In the Permissions tab of your S3 bucket, scroll down to the Cross-origin resource sharing (CORS) section and click on the Edit button

   • Paste the following JSON into the textarea and save the changes

Copied!
[
  {
      "AllowedHeaders": [
          "Authorization",
          "Content-Length"
      ],
      "AllowedMethods": [
          "GET"
      ],
      "AllowedOrigins": [
          "*"
      ],
      "ExposeHeaders": [],
      "MaxAgeSeconds": 3000
  }
]

To test that your bucket has public read access enabled:

1. Click on the Objects tab in your S3 bucket.
2. Click on the checkbox next to a file's name.
3. Click on the Copy URL button at the top and copy the public URL of the file.

4. Paste the URL in your browser and you should see the contents of the file (for html files or images).

Note that you'll see a red badge with the text Publicly accessible next to your bucket's name.

In this case, the bucket policy only grants public read access to the bucket, so other people can't add objects to your S3 bucket.

Further Reading #

• List all Files in an S3 Bucket with AWS CLI
• Get the Size of a Folder in AWS S3 Bucket
• How to Get the Size of an AWS S3 Bucket
• Add a Bucket Policy to an AWS S3 Bucket
• Configure CORS for an AWS S3 Bucket
• Copy a Local Folder to an S3 Bucket
• Download a Folder from AWS S3
• How to Rename a Folder in AWS S3
• Copy Files and Folders between S3 Buckets
• How to Delete a Folder from an S3 Bucket
• Count Number of Objects in S3 Bucket
• Download an Entire S3 Bucket - Complete Guide
• AWS CDK Tutorial for Beginners - Step-by-Step Guide
• How to use Parameters in AWS CDK