download free 30 days trial version buy bucket explorer
Documentation  Download  Purchase  Support  FAQs   Forum   ScreenShots & Demos

Amazon S3 - Permissions Required for Website Access

When you set S3 Bucket as an S3 Website, it is required to set the object publicly readable if you want to serve the object globally. If S3 object does not exist and you try to access the object, Amazon S3 responds with 404 (not found) error message. If S3 object exists but it does not have read permission to access it, Amazon S3 responds with 403 (Access Denied) error message.
You can make the object publicly readable either by Bucket Policy or ACL.

Using Bucket Policy, you can make objects of S3 bucket publicly readable.


{
"Version":"2008-10-17",
"Statement":[{
"Sid":"Publicly Accessible",
"Effect":"Allow",
"Principal": {
"AWS": "*"
},
"Action":["s3:GetObject"],
"Resource":["arn:aws:s3:::my-bucket/*"}
}
]
}
 

Using Object ACL (Update), you can make the selected objects publicly readable.


<Grant>
<Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xsi:type="Group">
<URI>http://acs.amazonaws.com/groups/global/AllUsers</URI>
</Grantee>
<Permission> READ </Permission>
</Grant>
 

You can perform the following operations to set S3 object publicly readable:

  1. Using Bucket Explorer, you can set Bucket Policy (mentioned above) to make S3 Objects publicly readable. Check the link to get more details on “How to set Bucket Policy”.
  2. Using Bucket Explorer, you can update ACL for selected S3 Objects to make them publicly readable. Check the link to get more details on “Public Access Object”.