In this lesson, we learned how to configure an S3 Bucket Policy to make an object publicly accessible. Below is a step-by-step breakdown of the process.

1. Enable Public Access in Bucket Settings

By default, public access is blocked in AWS S3 to prevent accidental data leaks. To allow public access:

• Navigate to the Permissions tab of the S3 bucket.
• Edit the public access settings and untick the restriction.
• Confirm the change, acknowledging the risks involved.

⚠️ Warning: Making an S3 bucket public can expose sensitive data. Only do this for specific use cases, such as serving static assets.

2. Creating an S3 Bucket Policy

Now that public access is enabled, we must define a Bucket Policy to grant read permissions.

Using the AWS Policy Generator

AWS provides a Policy Generator to help create policies easily:

1. Select "S3 Bucket Policy" as the policy type.
2. Set permissions:
   • Choose Allow as the effect.
   • Set the principal as (anyone on the internet).
   • Choose s3:GetObject as the action (allows read access).
3. Specify the Resource ARN:
   • Find your bucket's Amazon Resource Name (ARN).
   • Append /* to the ARN to apply permissions to all objects inside the bucket.

Example Policy

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::your-bucket-name/*"
    }
  ]
}

1. Generate the policy and copy it into the Bucket Policy section.
2. Save the changes.