0

I want to outsource audio snippets off my shop page to amazon S3. My goal is: public/everyone can read but only the owner/me can write.

Here is the code I used

Under Permission - Bucket Policy I'm using the following code

{
    "Version": "2008-10-17",
    "Statement": [
    {
        "Sid": "AllowPublicRead",
        "Effect": "Allow",
        "Principal": {
            "AWS": "*"
        },
        "Action": "s3:GetObject",
        "Resource": "arn:aws:s3:::mybucket/*"
    }
    ]
}

But the permissions I get are confusing me. see screenshot.

permission1

And when I click on the relevant file I get this

public

Do I have to click on "everyone" and add "read"?

Here is another window where I had to change the policy to false (on the right side) because otherwise I was getting "Access denied"

permission2

And then there is a third permission window (kind of global? outside the bucket thing)

permission4

I guess what I'm asking is: Is this how you do it, if you want to set up files to "read only" for public and "read and write" for the owner? Can someone confirm that this is set up and looking right?

Help is very much appreciated. Thanks.

mika2019
  • 404
  • 4
  • 16

1 Answers1

0

I'm not 100% sure this is the best answer but what comes to mind is having a private read and write s3 that syncs with your public bucket. AWS is strict in their public vs private buckets so I don't imagine they would allow only owner write access. I could be wrong. Basically, have a personal private s3 bucket that syncs to your public bucket for everyone else.

Along the lines of this, Automatically sync two Amazon S3 buckets, besides s3cmd?

MillerC
  • 663
  • 1
  • 11
  • 26