1. Answers
  2. Establishing public read access for AWS S3 objects

How do I set up public read access to S3 bucket objects?

In this guide, we will set up public read access to objects in an AWS S3 bucket using Pulumi. This involves creating an S3 bucket and then attaching a bucket policy that allows public read access to all objects within the bucket.

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

// Create an S3 bucket
const bucket = new aws.s3.Bucket("my-public-bucket", {
    acl: "public-read", // Set the ACL to public-read
});

// Define the bucket policy to allow public read access to all objects
const bucketPolicy = new aws.s3.BucketPolicy("bucketPolicy", {
    bucket: bucket.bucket,
    policy: bucket.bucket.apply(bucketName => JSON.stringify({
        Version: "2012-10-17",
        Statement: [{
            Effect: "Allow",
            Principal: "*",
            Action: ["s3:GetObject"],
            Resource: [`arn:aws:s3:::${bucketName}/*`],
        }],
    })),
});

// Export the bucket name and URL
export const bucketName = bucket.bucket;
export const bucketUrl = pulumi.interpolate`http://${bucket.websiteEndpoint}`;

Key Points

  • S3 Bucket: Created an S3 bucket with public read access.
  • Bucket Policy: Attached a policy to allow public read access to all objects.
  • Exports: Exported the bucket name and website URL for easy access.

Summary

By following the above steps, we have successfully created an S3 bucket and configured it to allow public read access to all objects within it. This setup is useful for hosting publicly accessible content such as static websites or assets.

Deploy this code

Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.

Sign up

New to Pulumi?

Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.

Sign up