AWS Classroom Series – 23/Dec/2020

S3 bucket access permissions

  • To grant access to our buckets and objects to other AWS accounts and to the general public, we use resource-based policies known as access control lists (ACLs)
  • Let's review the different access possibilities

Blocking public access

  • Let's understand the access status values
    • Public
    • Objects can be public
    • Buckets and objects not public
    • Only authorized users of this account
  • Create an S3 bucket with all public access blocked
  • Editing public access settings

Managing Access of S3 buckets and Objects

  • Refer Here to understand the YAML and JSON formats
  • AWS S3 resources: Buckets and objects.
    • Bucket resources have the following subresources
      • lifecycle
      • versioning
      • website
      • policy and acl
      • object ownership
      • logging
    • Object subresources are
      • acl
      • restore
  • Managing Access to resources
    • For all resource operations on S3, Refer Here
    • Resource-based policy
    • User policies

AWS S3 Bucket Policy

  • Let's use the AWS S3 bucket policy generator Refer Here
  • Ensure you have one S3 bucket created
  • To manage s3 bucket permissions, we need to know about
    • Bucket policy
    • Object Ownership
    • ACL
    • CORS
  • ARN (Amazon Resource Name): every resource that gets created in AWS is given a unique name (ARN) Refer Here
  • ARN for different resources in S3
  • To understand an S3 bucket policy, we need to know its basic structure Refer Here
  • To understand ACLs, we need to know a little bit about XML Refer Here
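
The basic structure of a bucket policy and the two S3 ARN forms (bucket and object), as an added example that is not part of the original class notes. It builds a policy granting another AWS account read access, then checks a policy for statements that would make the bucket public. The bucket name, account ID and function names are constructed placeholders.

```python
import json

def s3_arn(bucket, key=None):
    """S3 ARNs carry no region or account: arn:aws:s3:::bucket[/key]."""
    return f"arn:aws:s3:::{bucket}" + (f"/{key}" if key is not None else "")

def cross_account_read_policy(bucket, account_id):
    """Bucket policy letting one other AWS account list and read the bucket."""
    principal = {"AWS": f"arn:aws:iam::{account_id}:root"}
    return {
        "Version": "2012-10-17",
        "Statement": [
            # Bucket-level action: Resource must be the bucket ARN.
            {"Sid": "ListBucket", "Effect": "Allow", "Principal": principal,
             "Action": "s3:ListBucket", "Resource": s3_arn(bucket)},
            # Object-level action: Resource must be an object ARN (bucket/*).
            {"Sid": "ReadObjects", "Effect": "Allow", "Principal": principal,
             "Action": "s3:GetObject", "Resource": s3_arn(bucket, "*")},
        ],
    }

def public_statements(policy):
    """Return the Sids of Allow statements whose Principal is everyone ("*").

    Conservative check: a Condition may narrow such a statement, but it is
    still flagged so that it gets reviewed.
    """
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):      # a single statement may be an object
        statements = [statements]
    flagged = []
    for i, st in enumerate(statements):
        principal = st.get("Principal")
        if isinstance(principal, dict):   # {"AWS": "*"} or {"AWS": [...]}
            principal = principal.get("AWS", [])
        principals = principal if isinstance(principal, list) else [principal]
        if st.get("Effect") == "Allow" and "*" in principals:
            flagged.append(st.get("Sid", f"statement[{i}]"))
    return flagged

if __name__ == "__main__":
    # Constructed sample values, not real resources.
    policy = cross_account_read_policy("example-bucket", "111122223333")
    print(json.dumps(policy, indent=2))
    print("public statements:", public_statements(policy))
```

With all public access blocked on the bucket, S3 rejects a policy that the second function would flag, so the check is most useful before relaxing those settings.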

