|« PreviousNext »|
|Did this page help you? Yes | No | Tell us about it...|
Bucket policies define access rights for Amazon S3 resources. Only a bucket owner can write bucket policies. A bucket owner can write a bucket policy to:
Allow/deny bucket-level permissions.
Deny permission on any objects in the bucket. Because the bucket owner is fiscally responsible for the bucket, the owner can write a bucket policy to deny permissions on any objects in a bucket.
Grant permission on objects in the bucket only if the bucket owner is the object owner. For objects owned by other accounts the object owner must manage permissions using ACLs.
The policy itself is written in JSON and uses the access policy language. To learn about the details of the access policy language and how to write a bucket policy, see The access policy language.
AWS Policy Generator Tool
You can use the AWS Policy Generator tool to create a bucket policy for your Amazon S3 bucket. You can then use the generated document to set your bucket policy using the Amazon S3 console, a number of third party tools or via your application. To use the policy generation tool, go to AWS Policy Generator.