Step-by-Step Guide: Managing S3 Bucket Access and Hosting a Static Website

This content originally appeared on DEV Community and was authored by Subham Nandi

1. Managing S3 Bucket Access

This section covers how to restrict access to an S3 bucket, allowing only specific users (like the bucket owner) to have access.

Step 1: Grant S3 Full Access to an IAM User

1. Log into AWS Management Console:

   • Use your credentials to log into the AWS Management Console.

2. Navigate to IAM (Identity and Access Management):

   • From the AWS Management Console, search for and select IAM.

3. Create an IAM User (if not already created):

   • Go to Users and click Add user.
   • Enter a username (e.g., devops-user).
   • For Access type, select Programmatic access and AWS Management Console access.
   • Attach the policy AmazonS3FullAccess to the user to grant full access to S3.
   • Complete the process by reviewing and creating the user.

4. Verify S3 Access:

   • Log in as the IAM user or switch roles to this user.
   • Navigate to S3 in the AWS Management Console.
   • Ensure that the IAM user can see and access all S3 buckets.

Step 2: Restrict Access Using Bucket Policies

1. Navigate to S3 and Select Your Bucket:

   • Go to S3 in the AWS Management Console.
   • Click on the bucket you want to manage.

2. Go to the Permissions Tab:

   • Once inside the bucket, click on the Permissions tab.
   • Scroll down to Bucket Policy.

3. Edit the Bucket Policy:

   • Click Edit under the Bucket Policy section.
   • To restrict access, add the following JSON policy:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Deny",
      "Principal": "*",
      "Action": "s3:*",
      "Resource": [
        "arn:aws:s3:::your-bucket-name",
        "arn:aws:s3:::your-bucket-name/*"
      ],
      "Condition": {
        "StringNotEquals": {
          "aws:PrincipalArn": "arn:aws:iam::your-account-id:root"
        }
      }
    }
  ]
}

• Explanation:
  • Effect: Denies the specified actions.
  • Principal: * means everyone.
  • Action: s3:* means all S3 actions.
  • Resource: Specifies the bucket and all objects within it.
  • Condition: StringNotEquals ensures the policy applies to everyone except the bucket owner.
  • Replace "your-bucket-name" with your actual S3 bucket name.
  • Replace "your-account-id" with your actual AWS account ID.

1. Save the Policy:
   • Click Save changes to apply the policy.

Step 3: Validate Access Restrictions

1. Test Access as the IAM User:

   • Log in as the IAM user in an incognito browser or a separate session.
   • Attempt to access the S3 bucket that was just restricted.

2. Verify Access Denial:

   • The IAM user should receive an "Insufficient Permissions" error when trying to list or download objects from the bucket.
   • This confirms that the policy is correctly restricting access.

2. Hosting a Static Website on S3

This section will guide you through setting up an S3 bucket to host a static website.

Step 1: Create and Configure the S3 Bucket

1. Create a New S3 Bucket:

   • In the AWS Management Console, go to S3.
   • Click on Create bucket.
   • Provide a unique bucket name (e.g., my-website-bucket).
   • Choose the appropriate AWS region.

2. Configure Bucket Settings:

   • Under Bucket settings, leave all options as default or adjust them according to your requirements.
   • Ensure that Block all public access is checked initially (you'll change this later).

3. Upload Your Website Files:

   • Click on the bucket name to enter it.
   • Click Upload and upload your index.html (and any other necessary files).

Step 2: Enable Static Website Hosting

1. Navigate to the Properties Tab:

   • Inside your bucket, click on the Properties tab.

2. Enable Static Website Hosting:

   • Scroll down to Static website hosting.
   • Click Edit and then Enable static website hosting.
   • Select Host a static website.
   • Enter index.html as the Index document.
   • If you have an error page, specify the Error document (e.g., error.html).
   • Click Save changes.

3. Public Access Configuration:

   • By default, your bucket will still be private.

Step 3: Adjust Bucket Permissions for Public Access

1. Unblock Public Access:

   • Go to the Permissions tab.
   • Click Edit under Block all public access.
   • Uncheck Block all public access and save the changes.

2. Confirm Public Access Changes:

   • A confirmation dialog will appear; click Confirm.

Step 4: Add a Bucket Policy for Public Read Access

1. Add a Public Read Bucket Policy:
   • Go to Bucket Policy under the Permissions tab.
   • Add the following policy:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::your-bucket-name/*"
    }
  ]
}

• Replace "your-bucket-name" with your actual bucket name.
• This policy allows public read access to all objects in your bucket.

1. Save the Policy:
   • Click Save changes to apply the policy.

Step 5: Access the Static Website

1. Retrieve the Website URL:

   • Go back to the Properties tab.
   • Scroll down to Static website hosting.
   • The Bucket website endpoint will provide a URL (e.g., http://your-bucket-name.s3-website-region.amazonaws.com).

2. Test Your Website:

   • Open the URL in your web browser to see your static website live.

This content originally appeared on DEV Community and was authored by Subham Nandi

Print Share Comment Cite Upload Translate Updates

APA

Subham Nandi | Sciencx (2024-09-02T15:22:52+00:00) Step-by-Step Guide: Managing S3 Bucket Access and Hosting a Static Website. Retrieved from https://www.scien.cx/2024/09/02/step-by-step-guide-managing-s3-bucket-access-and-hosting-a-static-website/

MLA

" » Step-by-Step Guide: Managing S3 Bucket Access and Hosting a Static Website." Subham Nandi | Sciencx - Monday September 2, 2024, https://www.scien.cx/2024/09/02/step-by-step-guide-managing-s3-bucket-access-and-hosting-a-static-website/

HARVARD

Subham Nandi | Sciencx Monday September 2, 2024 » Step-by-Step Guide: Managing S3 Bucket Access and Hosting a Static Website., viewed ,<https://www.scien.cx/2024/09/02/step-by-step-guide-managing-s3-bucket-access-and-hosting-a-static-website/>

VANCOUVER

Subham Nandi | Sciencx - » Step-by-Step Guide: Managing S3 Bucket Access and Hosting a Static Website. [Internet]. [Accessed ]. Available from: https://www.scien.cx/2024/09/02/step-by-step-guide-managing-s3-bucket-access-and-hosting-a-static-website/

CHICAGO

" » Step-by-Step Guide: Managing S3 Bucket Access and Hosting a Static Website." Subham Nandi | Sciencx - Accessed . https://www.scien.cx/2024/09/02/step-by-step-guide-managing-s3-bucket-access-and-hosting-a-static-website/

IEEE

" » Step-by-Step Guide: Managing S3 Bucket Access and Hosting a Static Website." Subham Nandi | Sciencx [Online]. Available: https://www.scien.cx/2024/09/02/step-by-step-guide-managing-s3-bucket-access-and-hosting-a-static-website/. [Accessed: ]

rf:citation

» Step-by-Step Guide: Managing S3 Bucket Access and Hosting a Static Website | Subham Nandi | Sciencx | https://www.scien.cx/2024/09/02/step-by-step-guide-managing-s3-bucket-access-and-hosting-a-static-website/ |

Please log in to upload a file.

There are no updates yet.
Click the Upload button above to add an update.

You must be logged in to translate posts. Please log in or register.