S3 bucket access permissions
- To grant access to our buckets and objects to other AWS accounts and to general public, we use resource based policies known as access control lists (ACLs)
- Lets review different access possibilites
Blocking public access
- Lets understand access status
- Public
- Objects can be public
- Buckets and objects not public
- Only authorized users of this account
- Create a s3 bucket with all public access blocked
- Editing Public access settings
Managing Access of S3 buckets and Objects
- Refer Here to understand yaml and json formats
- AWS S3 resources: Buckets and objects.
- Bucket resources have the following subresources
- lifecycle
- versioning
- website
- policy and acl
- object ownership
- logging
- Object subresources are
- acl
- restore
- Bucket resources have the following subresources
- Managing Access to resources
- All resource operations on s3 are Refer Here
- Resource-based policy:
- User policies
AWS S3 Bucket Policy
- Lets use AWS S3 Bucket policy generator Refer Here
- Ensure you have one s3 bucket created
- To manage s3 bucket permissions, we need to know about
- Bucket policy
- Object Ownership
- ACL
- CORS
- ARN (Amazon Resource Name): For every resource that gets created in aws a unique name (ARN) is created Refer Here
- ARN for different resources in s3
- To understand s3 bucket policy we need to know the basic structure Refer Here
- To understand acls we need to know a little bit about xmls Refer Here
