DEV Community

Cover image for Trying Out Various Settings for Amazon S3 Publishing
Yasunori Kirimoto for AWS Community Builders

Posted on • Updated on

Trying Out Various Settings for Amazon S3 Publishing

img

I've been experimenting with various Amazon S3 publishing settings πŸŽ‰

Advance Preparation

  • Amazon S3 bucket creation and file registration

Amazon S3 #001 - Creating a bucket

Amazon S3 #002 - File registration and download

File Publishing

This is how to publish a file in Amazon S3.

Click "Edit" in the section of "Block Public Access (Bucket Settings)" under the "Permissions" tab.

img

Uncheck "Block All Public Access."

img

Since the file will not be published only with these settings, click "Edit" for the bucket policy.

img

Configure the bucket policy β†’ Click "Save Changes." This time, we grant permissions to retrieve objects from Amazon S3.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Statement1",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::[Bucket Name]/*"
        }
    ]
}
Enter fullscreen mode Exit fullscreen mode

img

Make sure that the access permission is set to public.

img

The file will be displayed when you access the URL directly.

img

Publish the File Only to the Specified IP

This is a method to publish files only to specified IPs in Amazon S3.

Click "Edit" in the section of "Block Public Access (Bucket Settings)" under "Permissions" tab.

img

Uncheck "Block All Public Access".

img

The file will not be published only with these settings, so click "Edit" for the bucket policy.

img

Configure the bucket policy β†’ Click "Save Changes." This time, we grant permissions to retrieve objects from Amazon S3 and access permissions for the specified IP.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Statement1",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::[Bucket Name]/*"
        },
        {
            "Sid": "IP",
            "Effect": "Deny",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::[Bucket Name]/*",
            "Condition": {
                "NotIpAddress": {
                    "aws:SourceIp": "[Allow IP]"
                }
            }
        }
    ]
}
Enter fullscreen mode Exit fullscreen mode

img

Make sure that the access permission is set to public; it will not be displayed publicly if IP restrictions are set.

img

If you access the URL directly from the IP you set, the file will be displayed. The file will not be displayed except for the specified IP.

img

Public Display of Files Only for Specified Period

This is a method to publish a file only for a specified period of time in Amazon S3.

Select the target file.

img

Click Object Action β†’ Click "Share with signed URL".

img

Set the target period β†’ Click "Create signed URL". Accessing the URL copied to the clipboard will confirm that the file will be displayed for the duration.

img

Static Website Hosting

A note on publishing with Amazon S3's static website hosting.

Upload a set of HTML and other files that you want to publish.

img

Click "Edit" in the section of "Block Public Access (Bucket Settings)" under the "Permissions" tab.

img

Uncheck "Block All Public Access."

img

This is not enough to make the file public, so click "Edit" under Bucket Policy.

img

Configure the bucket policy β†’ Click "Save Changes". This time, we grant permissions to retrieve objects from Amazon S3.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Statement1",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::[Bucket Name]/*"
        }
    ]
}
Enter fullscreen mode Exit fullscreen mode

img

Make sure that the access permissions are set to public.

img

Click "Edit" in the section of "Static Website Hosting" under "Permissions" tab.

img

Check "Enable", "Host Static Website", and Set Root HTML β†’ Click "Save Changes".

img

Confirm that Static Website Hosting is now enabled; you will be issued a URL to access.

img

The WebSite you uploaded will be displayed.

img

It was great to recognize once again that it is possible to set various things with Amazon S3 alone. It is also possible to build it with AWS Amplify, ServerlessFramework, CloudFormation, etc., but it is also important to operate S3 from the AWS Management Console and review the basics πŸ’‘

In the next article, I would like to introduce another method that combines Amazon CloudFront.

Related Articles

Top comments (0)