
AWS policy to host public files with S3

written by Gabriele Mittica, Jun 01 2012

Simple Storage Service (S3) is the first product managed by AWS. From the AWS website:

Amazon S3 is storage for the Internet. It is designed to make web-scale computing easier for developers.
Amazon S3 provides a simple web services interface that can be used to store and retrieve any amount of data, at any time, from anywhere on the web.

When you upload files to S3, you have to specify a "bucket", that is, a container in which the data is stored. The limit is a maximum of 100 buckets per AWS account.

This means that if you have a lot of customers you can't assign a bucket to each of them. Instead you have to use advanced policies that let you create dedicated folders (one per customer) in a single bucket, so that you can store the public files of your websites without policy conflicts or security failures.

The policies

If the name of your bucket is testbucket and your website is example.com, you can attach this policy to the IAM user created in the AWS console:

{
  "Statement": [
    {
      "Action": [
        "s3:AbortMultipartUpload",
        "s3:DeleteObject",
        "s3:DeleteObjectVersion",
        "s3:Get*",
        "s3:List*",
        "s3:PutObject",
        "s3:PutObjectAcl",
        "s3:PutObjectVersionAcl"
      ],
      "Effect": "Allow",
      "Resource": ["arn:aws:s3:::testbucket/example.com/*"]
    }
  ]
}

You also have to attach this policy to grant everyone access to list the public files:

{
  "Statement": [
    {
      "Action": [
        "s3:List*"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::testbucket"
    }
  ]
}
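An added example, not part of the original article: `s3:List*` on the bucket ARN covers every key in the bucket, so any principal holding the policy above can enumerate every customer's folder, not just its own. The Python below flags such statements and builds a per-customer policy that limits listing with the `s3:prefix` condition key; the helper names `customer_policy` and `unscoped_list_statements` are hypothetical, and the object actions are a subset of the article's first policy.

```python
import fnmatch

# A subset of the object actions in the article's first policy (assumption).
OBJECT_ACTIONS = ["s3:AbortMultipartUpload", "s3:DeleteObject", "s3:GetObject",
                  "s3:PutObject", "s3:PutObjectAcl"]

def customer_policy(bucket, site):
    """IAM user policy confining one customer to <bucket>/<site>/ (hypothetical helper)."""
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow", "Action": OBJECT_ACTIONS,
             "Resource": [f"arn:aws:s3:::{bucket}/{site}/*"]},
            # Listing is a bucket-level action, so it is scoped with a condition
            # on the requested prefix instead of by the resource ARN.
            {"Effect": "Allow", "Action": ["s3:ListBucket"],
             "Resource": [f"arn:aws:s3:::{bucket}"],
             "Condition": {"StringLike": {"s3:prefix": [f"{site}/*"]}}},
        ],
    }

def _as_list(value):
    return [value] if isinstance(value, str) else list(value)

def unscoped_list_statements(policy):
    """Return Allow statements that let the holder list a whole bucket.

    Only checks that an s3:prefix condition is present; it does not evaluate it.
    """
    findings = []
    for st in policy.get("Statement", []):
        if st.get("Effect") != "Allow":
            continue
        grants_list = any(fnmatch.fnmatchcase("s3:listbucket", a.lower())
                          for a in _as_list(st.get("Action", [])))
        on_bucket = any(r == "*" or "/" not in r.split(":::", 1)[-1]
                        for r in _as_list(st.get("Resource", [])))
        scoped = any(key.lower() == "s3:prefix"
                     for block in st.get("Condition", {}).values() for key in block)
        if grants_list and on_bucket and not scoped:
            findings.append(st)
    return findings

# The article's second policy, reproduced as sample input.
ARTICLE_LIST_POLICY = {"Statement": [
    {"Action": ["s3:List*"], "Effect": "Allow", "Resource": "arn:aws:s3:::testbucket"}]}

if __name__ == "__main__":
    print(len(unscoped_list_statements(ARTICLE_LIST_POLICY)))
    print(len(unscoped_list_statements(customer_policy("testbucket", "example.com"))))
```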

Useful links

- S3 product page
- S3 documentation
- Using bucket policies
- Example Cases for Amazon S3 Bucket Policies

About the Author

Gabriele Mittica

I'm a 28-year-old web developer with long experience in dynamic websites. I worked for over 7 years on content management system design. Now I'm focused on AWS integration and cloud development. In early 2012 I opened a new cloudy startup: Corley.
