S3 (ie Simple Storage Service) is a edge storage file system in Aws based on Hadoop File System
Amazon S3 uses dense storage drives that are optimized for storing larger objects inexpensively.
Amazon S3 can be used to host static websites without having to configure or manage any web servers. See Aws - Static Web Hosting
bucket's name must be globally unique. Bucket used as an origin point for Amazon Cloudfront have specific restrictions
All buckets created in Amazon S3 are fully private by default. By default your bucket will only be accessible by authenticated users with access to your AWS account.
Bucket policies are represented as JSON documents that define the S3 Actions (S3 API calls) against the objects in your bucket that are allowed (or not not allowed) to be performed by different Principals (in our case the public, or anyone).
The easiest way to update a bucket policy is to use the console.
See also:
You could also use the canonical user id as the principal: “CanonicalUser”: “<OAI S3CanonicalUserId>”
example of a policy that will grant read only access to anonymous users.
Both “Principal”: “*” and “Principal”:{“AWS”:“*”} grant permission to everyone (also referred to as anonymous access)
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::[YOUR_BUCKET_NAME]/*"
}
]
}
aws s3api put-bucket-policy --bucket BUCKET_NAME --policy file://pathToPolicyFile/website-bucket-policy.json
"Principal": {
"AWS": "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity <OAI ID>"
},
There is other access controls than policy for S3:
Example of Check list:
curl -i -X DELETE <WebsiteCloudFrontURL>/index.html
aws s3 mb s3://BUCKET_NAME
:: example
aws s3 mb s3://my-bucket-name
All buckets created in Amazon S3 are fully private by default.
Example
aws s3 sync s3://wildrydes-us-east-1/WebApplication/1_StaticWebHosting/website s3://BUCKET_NAME --region YOUR_BUCKET_REGION
where:
See Amazon Athena
aws s3api put-bucket-policy --bucket BUCKET_NAME --policy file://pathToPolicyFile/website-bucket-policy.json
aws s3 cp path/To/MyLocalFile s3://BUCKET_NAME/path/to/myFileInBucket