AWS S3 bucket is a cloud object storage service provided by AWS.
By default, strict privacy rules are applied to your bucket to protect its content. However, sometimes you may need some or all of your bucket’s contents to be public. For instance, when hosting a static website, portfolio page, or storing images, documents, videos, etc., using AWS S3, you would need your bucket content to be public.
Creating a bucket
- Log in to your AWS account, click on the search bar, and type S3, select the option S3 that shows up below the search, or click Services at the top left and click S3 from the option, you might have to scroll before you find it.
- You see your list of buckets listed if you have any, click on Create bucket
- Select the region for the bucket to be hosted
- Give your bucket a unique and valid name (globally unique and containing only the characters; lowercase letters, numbers, and dashes). Here is the rule for naming a bucket https://docs.aws.amazon.com/console/s3/bucket-naming
- Choose ACL disabled as recommended by AWS
- Disable block all public access, you need your bucket to be public. You could leave this button open or selecting the first two wouldn’t change anything because ACL isn’t enabled.
- Click on Acknowledge to confirm your intention of making the bucket publicly accessible
- Scroll down and click on Create bucket or you can change the other settings based on your preference.
Now you have successfully created the bucket, but it is not publicly accessible, you can confirm this by uploading an object and clicking on the URL of the object. You get a response access control issue.
Now you need to create a policy for the bucket to be publicly accessible. If you have a bucket you want to make publicly accessible you can follow through from here.
- From your bucket page, click on permission
- Scroll down and click on bucket policy
- Scroll down to the text box, and paste this JSON policy statement into the box. Remember to change the bucket ARN on the statement to your bucket ARN, you can find it just above the box for you to copy. Make sure to include the last two characters in the paste. You end up having arn:aws:s3:::your-bucket-name/*
{
"Version": "2008-10-17",
"Statement": [
{
"Sid": "AllowPublicRead",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": [
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::bucket/*"
]
}
]
}- Click on save to save your policy statement.
- Click on any object on your bucket and locate the object URL, click on it, and confirm that you can access the object outside your account.
- To confirm access, when you click on the object URL, it opens the image on your browser if it is an image, it will download the document if it’s a document, etc.
If your object wasn’t still accessible and you didn’t follow through while creating the bucket i.e. you want to make an existing bucket publicly accessible then follow this step below.
- Open your bucket page, click on permissions
- Scroll down to locate the Block public access settings
- This setting should be off as indicated in the screenshot below for your bucket to be publicly accessible.
- If the settings above is not off, click on edit and make the changes as shown in the screenshot below, or for simplicity just ensure none of the options are selected.
Your S3 bucket should now be publicly accessible to users outside AWS. Like I said before you can host your images, static websites, and documents on this bucket.
Also, know that you can make individual objects in the bucket either private or public (reverse permission for the bucket) depending on what you want.
Conclusion
You can send your object URL to others so they can access your content. I actually host my CV and other documents on S3.
Please let us hear from you, share your comments and read other articles on the site.
