How do I set up public read access to S3 bucket objects?
In this guide, we will set up public read access to objects in an AWS S3 bucket using Pulumi. This involves creating an S3 bucket and then attaching a bucket policy that allows public read access to all objects within the bucket.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
// Create an S3 bucket
const bucket = new aws.s3.Bucket("my-public-bucket", {
acl: "public-read", // Set the ACL to public-read
});
// Define the bucket policy to allow public read access to all objects
const bucketPolicy = new aws.s3.BucketPolicy("bucketPolicy", {
bucket: bucket.bucket,
policy: bucket.bucket.apply(bucketName => JSON.stringify({
Version: "2012-10-17",
Statement: [{
Effect: "Allow",
Principal: "*",
Action: ["s3:GetObject"],
Resource: [`arn:aws:s3:::${bucketName}/*`],
}],
})),
});
// Export the bucket name and URL
export const bucketName = bucket.bucket;
export const bucketUrl = pulumi.interpolate`http://${bucket.websiteEndpoint}`;
Key Points
- S3 Bucket: Created an S3 bucket with public read access.
- Bucket Policy: Attached a policy to allow public read access to all objects.
- Exports: Exported the bucket name and website URL for easy access.
Summary
By following the above steps, we have successfully created an S3 bucket and configured it to allow public read access to all objects within it. This setup is useful for hosting publicly accessible content such as static websites or assets.
Deploy this code
Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.
Sign upNew to Pulumi?
Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.
Sign upThank you for your feedback!
If you have a question about how to use Pulumi, reach out in Community Slack.
Open an issue on GitHub to report a problem or suggest an improvement.