|« PreviousNext »|
|Did this page help you? Yes | No | Tell us about it...|
Bucket permissions specify who is allowed access to the objects in a bucket and what permissions you have granted them. For example, one person might have only read permission while another might have read and write permissions.
To edit bucket permissions
Sign into the AWS Management Console and open the Amazon S3 console at https://console.aws.amazon.com/s3.
In the Buckets list, click the bucket whose properties you want to view.
Click Permissions, and then do any of the following:
|Change an existing permission||Beside the grantee whose permissions you want to change, select the check box for a permission to grant it, or clear the box to deny it.|
|Add permissions for a person or group||
|Remove a person or group from the permission list||
Click the "x" on the line of the grantee you want to remove.
|Add a bucket policy||
|Add a Cross-Origin Resource Sharing (CORS) configuration||
There are built-in groups that you can choose from the Grantee drop-down list box:
Authenticated Users – This group consists of any user that has an Amazon AWS Account.
Everyone – This group grants anonymous access to your bucket.
Log Delivery – This group grants write access to your bucket when the bucket is used to stored server access logs.
For more information about predefined Amazon S3 Groups, go to Who is a Grantee in the Amazon S3 Developer Guide.
You can grant access to an account by using the e-mail address that the user entered when signing up for an AWS account. You can grant an account any of the following permissions:
List – Allows the grantee to view a list of the objects in the bucket.
Upload/Delete – Allows the grantee to access the object when they logged in.
View Permissions – Allows the grantee to view the permissions associated with the object.
Edit Permissions – Allows the grantee to edit the permissions associated with the object.
We highly recommend against granting the Everyone group Upload/Delete permission. Doing so will allow anyone to store objects in your bucket, for which you will be billed, and allows others to delete objects that you may want to keep.