UncategorizedVirtualization

AWS: Create a Simple Storage Service (S3)

 

image

Create a Bucket – Select a Bucket Name and Region

A bucket is a container for objects stored in Amazon S3. When creating a bucket, you can choose a Region to optimize for latency, minimize costs, or address regulatory requirements. For more information regarding bucket naming conventions, please visit the Amazon S3 documentation.

 

A bucket name in Singapore region must contain only lower case characters.

A bucket is a container for objects stored in Amazon S3. When creating a bucket, you can choose a Region to optimize for latency, minimize costs, or address regulatory requirements. For more information regarding bucket naming conventions, please visit the Amazon S3 documentation.

image

 

Configuring S3 Bucket Policies

image

image

AWS Policy Generator

The AWS Policy Generator is a tool that enables you to create policies that control access to Amazon Web Services (AWS) products and resources. For more information about creating policies, see key concepts in Using AWS Identity and Access Management. Here are sample policies. You can submit your samples(Enter ‘AWS Policy Examples’ in the Library Title field).

Step 1: Select Policy Type

A Policy is a container for permissions. The different types of policies you can create are an IAM Policy, an S3 Bucket Policy, an SNS Topic Policy and an SQS Queue Policy.

Top of Form

Select Type of Policy SNS Topic PolicyIAM PolicySQS Queue PolicyS3 Bucket Policy

Bottom of Form

Step 2: Add Statement(s)

A statement is the formal description of a single permission. See a description of elements that you can use in statements.

Top of Form

Effect Allow  Deny

Principal

Multiple values are comma limited

AWS Service AWS CloudFormationAWS CloudTrailAWS Direct ConnectAWS ElastiCacheAWS Elastic BeanstalkAWS Identity and Access ManagementAWS Import ExportAWS MarketplaceAWS Marketplace Management PortalAWS OpsworksAWS Security Token ServiceAWS WebsiteAmazon AppStreamAmazon CloudFrontAmazon CloudWatchAmazon DynamoDBAmazon EC2Amazon Elastic MapReduceAmazon Elastic TranscoderAmazon GlacierAmazon KinesisAmazon RDSAmazon RedshiftAmazon Route 53Amazon S3Amazon SESAmazon SNSAmazon SQSAmazon Simple Workflow ServiceAmazon SimpleDBAmazon Storage GatewayAuto ScalingElastic Load Balancing  All Services (‘*’)

Use multiple statements to add permissions for more than one service.

Actions AddPermission DeleteTopicGetTopicAttributesListSubscriptionsByTopicPublishReceiveRemovePermissionSetTopicAttributesSubscribe– Select Actions –  All Actions (‘*’)

Amazon Resource Name (ARN)

ARN should follow the following format: arn:aws:sns:<region>:<account_ID>:<topic_name>.
Multiple values are comma limited.

Add Conditions (Optional)

Bottom of Form

Step 3: Generate Policy

A policy is a document (written in the Access Policy Language) that acts as a container for one or more statements.

Add one or more statements above to generate a policy.

image

https://s3-ap-southeast-1.amazonaws.com/mywebpages/screen-shot1.png

image

 

Amazon S3 bucket Policy to make S3 bucket publicly readable.

 

<

p>{
    "Version": "2008-10-17",
    "Statement": [
        {
            "Sid": "AllowPublicRead",
            "Effect": "Allow",
            "Principal": {
                "AWS": ""
            },
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::mywebpages/
"
        }
    ]
}

Advertisements