S3 Bucket Policy for Hosted Static Website
Question
I have an S3 bucket that is being used to host a static website. This example shows a policy that grants everyone access to the objects in the specified bucket (ie making the website public):
{
"Version":"2012-10-17",
"Statement":[{
"Sid":"PublicReadGetObject",
"Effect":"Allow",
"Principal": "*",
"Action":["s3:GetObject"],
"Resource":["arn:aws:s3:::example-bucket/*"]
}]
}
However, I want to make the website accessible to only specific Amazon users. So following this documentation , I specify these users in Principal :
{
"Version":"2012-10-17",
"Statement":[{
"Sid":"PublicReadGetObject",
"Effect":"Allow",
"Principal": {
"AWS": "arn:aws:iam::Account-ID:user/Dave"
},
"Action":["s3:GetObject"],
"Resource":["arn:aws:s3:::example-bucket/*"]
}]
}
While this correctly enables permissions for who can access the resource via the S3 console, it results in a 403 for everybody trying to access the hosted website.
Is it possible to have user-level permissions restricting access to a hosted bucket?
1 answers
solution1
3 ACCPTED 2017-01-06 05:03:06
No, it is not possible to apply user-level permissions to a static web site bucket in S3. From Permissions Required for Website Access :
When you configure a bucket as a website, you must make the objects that you want to serve publicly readable.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.