HomeDownloadBuy ProPortableNewsHelpVideosScreenshotsBetaContact us
Working with Amazon S3 Buckets - Table of Contents
How to edit Amazon S3 Bucket Policies
Bucket Policies allow you to create conditional rules for managing access to your buckets and files. With bucket policies, you can also define security rules that apply to more than one file, including all files or a subset of files within a bucket. This makes updating and managing permissions easier!

To Edit Amazon S3 Policies:
  1. Click Buckets -> Edit Bucket Policies.
    Bucket Policies. Edit Amazon S3 Bucket policies.
    You can also use Ctrl+O keyboard shortcut to open Bucket Policies Editor.

  2. Bucket Policies Editor will open:
    amazon s3 bucket policies editor
    Bucket Policies Editor allows you to Add, Edit and Delete Bucket Policies.
  3. Enter valid Amazon S3 Bucket Policy.
    See some Examples of S3 Bucket Policies below and Access Policy Language References for more details.
  4. Click Apply Bucket Policies.
Examples of Amazon S3 Bucket Policies
How to grant public-read permission to anonymous users (i.e. to everyone) 
{
  "Version":"2008-10-17",
  "Statement":[{
	"Sid":"AllowPublicRead",
		"Effect":"Allow",
	  "Principal": {
			"AWS": "*"
		 },
	  "Action":["s3:GetObject"],
	  "Resource":["arn:aws:s3:::bucket/*"
	  ]
	}
  ]
}
Don't forget to replace arn:aws:s3:::bucket/* with your bucket name.
How to grant full access for the users from specific IP addresses. 
{
  "Version": "2008-10-17",
  "Id": "S3PolicyId1",
  "Statement": [
     {
         "Sid":"IPAllow",
         "Effect": "Allow",
         "Principal": {
            "AWS": "*"
         },
         "Action": "s3:*",
         "Resource": "arn:aws:s3:::bucket/*",
          "Condition" : {
             "IpAddress" : {
             "aws:SourceIp":"192.168.143.0/24"
             },
             "NotIpAddress" : {
             "aws:SourceIp":"192.168.143.188/32"
              }
          }
     },
     {
         "Sid":"IPDeny",
         "Effect": "Deny",
         "Principal": {
            "AWS": "*"
         },
         "Action": "s3:*",
         "Resource": "arn:aws:s3:::bucket/*",
         "Condition" : {
            "IpAddress" : {
            "aws:SourceIp":"10.1.2.0/24"
            }
         }
     }
  ]
}
Don't forget to replace arn:aws:s3:::bucket/* with your bucket name.
How to protect your amazon s3 files from hotlinking. 
{ 
	"Version":"2008-10-17", 
	"Id":"preventHotLinking",
 
	"Statement":[ { 
	
		"Sid":"1", 
		"Effect":"Allow",
		"Principal": {
			"AWS":"*"
		},
		
		"Action":"s3:GetObject",
		"Resource":"arn:aws:s3:::your.bucket.name/*",
		
		"Condition":{
			
			"StringLike": { 
			
				"aws:Referer": [
					"http://yourwebsitename.com/*", 
					"http://www.yourwebsitename.com/*"
				]
			}
		}
	}]
}
 download s3 browser, bucket explorer
S3 Browser 2.4.5 Free

Powered by Amazon Web Services and Rated by CNET Editors!
 
Share/Save
Follow us!
RSS feed


Other Products
TntDrive allows you to easily mount Amazon S3 Bucket as a Windows Drive.

"Amazon Web Services", "AWS", "Amazon S3", "Amazon Simple Storage Service", "Amazon CloudFront", "CloudFront", the "Powered by Amazon Web Services" logo are trademarks of Amazon.com, Inc. or its affiliates in the United States and/or other countries.
(c) 2008-2010 NetSDK Software. All rights reserved. Terms of Use. Privacy Policy. S3 Drive