I have this policy rule in my S3 bucket called aws-coes:

    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "AddPerm",
                "Effect": "Allow",
                "Principal": "*",
                "Action": [
                    "s3:GetObject"
                ],
                "Resource": [
                    "arn:aws:s3:::aws-coes/*"
                ],
                "Condition": {
                    "StringEquals": {
                        "aws:sourceVpc": "vpc-foo"
                    }
                }
            }
        ]
    }

I was expecting that only the machines under my VPC "vpc-foo" could get the resources from my bucket, but no machine can get anything.
Did I do something wrong here?
Also, I followed the steps of this post, but nothing: https://blog.adminfactory.net/allow-access-to-s3-bucket-only-from-ec2-instances.html
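
An added example, not part of the original post and a simplified model rather than AWS's policy engine: `aws:SourceVpc` is present in the request context only when the request reaches S3 through a VPC endpoint, so the policy in the question is evaluated here against two constructed requests from an instance in vpc-foo. The function names, the sample IP address and `vpce-example` are assumptions made for the illustration.

```python
import json

# The bucket policy from the question, unchanged.
POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [{
    "Sid": "AddPerm",
    "Effect": "Allow",
    "Principal": "*",
    "Action": ["s3:GetObject"],
    "Resource": ["arn:aws:s3:::aws-coes/*"],
    "Condition": {"StringEquals": {"aws:sourceVpc": "vpc-foo"}}
  }]
}
""")

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _resource_matches(pattern, arn):
    # Only the trailing "*" wildcard used in the question is modelled.
    if pattern.endswith("*"):
        return arn.startswith(pattern[:-1])
    return pattern == arn

def condition_matches(condition, context):
    # Condition key names are case-insensitive; StringEquals values are not.
    ctx = {k.lower(): v for k, v in context.items()}
    for operator, tests in condition.items():
        if operator != "StringEquals":
            raise NotImplementedError(operator)
        for key, wanted in tests.items():
            # A key absent from the request context never satisfies StringEquals.
            if ctx.get(key.lower()) not in _as_list(wanted):
                return False
    return True

def statement_allows(policy, action, arn, context):
    """True if some Allow statement in the policy matches the request."""
    for st in _as_list(policy["Statement"]):
        if (st["Effect"] == "Allow"
                and action in _as_list(st["Action"])
                and any(_resource_matches(p, arn) for p in _as_list(st["Resource"]))
                and condition_matches(st.get("Condition", {}), context)):
            return True
    return False

# Constructed request contexts for an instance inside vpc-foo.
VIA_PUBLIC_ENDPOINT = {"aws:SourceIp": "203.0.113.10"}  # no VPC endpoint in the path
VIA_VPC_ENDPOINT = {"aws:SourceVpc": "vpc-foo", "aws:SourceVpce": "vpce-example"}
```

With no other policy granting access, the first context yields no Allow, which S3 treats as a denial; the second matches the statement.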