Amazon Simple Storage Service
Developer Guide (API Version 2006-03-01)
AWS Documentation » Amazon Simple Storage Service (S3) » Developer Guide » Access Control » Using Bucket Policies » Setting Bucket Policies on a Bucket
« PreviousNext »
View the PDF for this guide.Go to the AWS Discussion Forum for this product.Go to the Kindle Store to download this guide in Kindle format.Did this page help you?  Yes | No |  Tell us about it...

Setting Bucket Policies on a Bucket

To set a policy on a bucket, you use the PUT Bucket operation on the policy sub-resource and you include the bucket policy in the body of the request. The following request, for example, allows two users (1111-2222-3333, 4444-5555-6666) access execute a GET request (s3:GetObject*) for objects in mybucket (arn:aws:s3:::mybucket/*",):

PUT /?policy HTTP/1.1
Host: bucket.s3.amazonaws.com  
Date: Tue, 04 Apr 2010 20:34:56 GMT  
Authorization: AWS AKIAIOSFODNN7EXAMPLE:VGhpcyBSAMPLEBieSBlbHZpbmc= 

{
"Version":"2008-10-17",
"Id":"aaaa-bbbb-cccc-dddd",
"Statement" : [
    {
        "Effect":"Allow",
        "Sid":"1", 
        "Principal" : {
            "AWS":["1111-2222-3333","4444-5555-6666"]
        },
        "Action":["s3:GetObject*"],
        "Resource":"arn:aws:s3:::mybucket/*"
    }
 ] 
}

Note

The Resource value must include the bucket name.

To attach a policy to a bucket, you must be the bucket owner. The bucket owner by default has permissions to attach bucket policies to their buckets using PUT Bucket policy. If the bucket already has a policy, the one in this request completely replaces it

For more information, go to PUT Bucket policy in the Amazon S3 API Reference.

Document Conventions« PreviousNext »
Terms of UseDid this page help you?  Yes | No |  Tell us about it...