How To Enable S3 Bucket Access With IP Address
Table of Contents
- Introduction
- Modify the S3 Bucket Policy
- For Single IP Address
- S3 Bucket with Multiple IP Addresses
- Conclusion
Introduction
S3, Amazon Simple Storage Service, is an object cloud storage service that can store data on the cloud and is designed for 99.999999999% (11 9's) of durability. For example, you can host image files. You can either make the S3 bucket public so the images are publicly available, or you can keep the S3 bucket private and use CloudFront to access the S3 files. This blog shows how to make it public with a specific IP address.
Modify the S3 Bucket Policy
If you have an S3 bucket and want to allow access from a specific IP address, you can modify the bucket policy as follows. Replace the bucket name and IP address with your own values.
For Single IP Address
{
"Version": "2012-10-17",
"Id": "S3PolicyId1",
"Statement": [
{
"Sid": "IPAllow",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:*",
"Resource": "arn:aws:s3:::{Your-S3-Bucket-Name}/*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "{Your-IP-Address}/24"
}
}
}
]
}
S3 Bucket with Multiple IP Addresses
If you have multiple IP addresses you want to provide access to, you can do the following.
{
"Version": "2012-10-17",
"Id": "S3PolicyId1",
"Statement": [
{
"Sid": "IPAllow",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:*",
"Resource": "arn:aws:s3:::{Your-Bucket-Name}/*",
"Condition": {
"IpAddress": {
"aws:SourceIp": [
"{Your-IP-Address-1}",
"{Your-IP-Address-2}"
]
}
}
}
]
}
Conclusion
It is very easy to use the aws:SourceIp condition to limit specific IP addresses for accessing your S3 bucket. If you just want to test it out with your S3 bucket but don't want to make it fully public so everyone can access them, you can simply add the IP address in the S3 policy editor.