Menu
By default, new S3 bucket settings do not allow public access, but customers can modify these settings to grant public access using policies or object-level permissions.
By default, all S3 buckets are private and can be accessed only by users who are explicitly granted access. Restrict access to your S3 buckets or objects by doing the following: Writing IAM user policies that specify the users that can access specific buckets and objects.
By default, all Amazon S3 buckets and objects are private. Only the resource owner which is the AWS account that created the bucket can access that bucket. The resource owner can, however, choose to grant access permissions to other resources and users.
Steps to allow public access to private AWS S3 bucket files: Click on the private S3 bucket with the object that you want to make public. Click on the Permissions tab. Click Edit on the Block public access section. Click on the Block all public access to uncheck and disable the options.
Go to http://awspolicygen.s3.amazonaws.com/policygen.html
Fill in the details such as: 
In Action select "GetObject"
Select "Add Statement"
Then select "Generate Policy"
Copy the text example:
{
"Id": "Policy1397632521960",
"Statement": [
{
"Sid": "Stmt1397633323327",
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::bucketnm/*",
"Principal": {
"AWS": [
"*"
]
}
}
]
}
Now go to your AWS S3 console, At the bucket level, click on Properties, Expand Permissions, then Select Add bucket policy. Paste the above generated code into the editor and hit save.
All your items in the bucket will be public by default.
If you want to make all objects public by default, the simplest way is to do it trough a Bucket Policy instead of Access Control Lists (ACLs) defined on each individual object.
You can use the AWS Policy Generator to generate a bucket policy for your bucket.
For example, the following policy will allow anyone to read every object in your S3 bucket (just replace <bucket-name> with the name of your bucket):
{
"Id": "Policy1380877762691",
"Statement": [
{
"Sid": "Stmt1380877761162",
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::<bucket-name>/*",
"Principal": {
"AWS": [
"*"
]
}
}
]
}
The Bucket Policy contains a list of Statements and each statement has an Effect (either Allow or Deny) for a list of Actions that are performed by Principal (the user) on the specified Resource (identified by an Amazon Resource Name or ARN).
The Id is just an optional policy id and the Sid is an optional unique statement id.
For S3 Bucket Policies, the Resource ARNs take the form:
arn:aws:s3:::<bucket_name>/<key_name>
The above example allows (Effect: Allow) anyone (Principal: *) to access (Action: s3:GetObject) any object in the bucket (Resource: arn:aws:s3:::<bucket-name>/*).
My problem was slightly different, but since this question is on the top of google search I'll leave my solution, maybe it'll help somebody.
I already had had full access to S3 bucket before, but one day it just started to return Access Denied to all my files. The solution was straightforward simple.
Services - S3
Permissions tab, then go to Bucket Policy tabSave button.It should reassign permission on all your files.
Anyway, here is full bucket policy that allows makes all object public
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowPublicRead",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::enter-here-your-media-bucket-name/*"
}
]
}
The JSON above did not work for me, but I found this to be working. I have tested it on multiple buckets. I can write to the buckets programmatically and read from them at the same time
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AddCannedAcl",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::<bucket_name>/*"
}
]
}If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With