How to Allow Public Access to an Amazon S3 Bucket & Find S3 URLs

If you’re using an Amazon S3 bucket to share files, you’ll first need to make those files public. If you don’t, when your users try to access the URL they’ll get an Access Denied error. Here’s how to fix it.

Text & Photos By David Coleman

Last Revised & Updated: March 7, 2024

Filed Under:

Topics: Amazon Web Services

I MAY get commissions for purchases made through links in this post.

Quick Summary

By default, new Amazon S3 buckets are private. To share files publicly, you need to make them accessible to others.
Making an S3 Bucket Public:
- Go to S3 Management Console > Permissions tab > Block Public Access.
- Uncheck “Block all public access” and save.
- To make the entire bucket and its contents public, use the Bucket Policy Editor and input the appropriate policy (see below).
Finding the S3 Bucket URL & Individual Object URL:
- Go to the bucket’s Overview tab.
- Click next to the desired file name to get the Object URL.
Finding the S3 Bucket Endpoint:
- Click on the bucket name > Properties tab > Static Website Hosting card.
- The endpoint address is displayed at the top.
NB: Amazon discourages granting public access to an S3 bucket due to security concerns.

If you’re using an Amazon S3 bucket to share files with anyone else, you’ll first need to make those files public. By default, new buckets are set to be private. Making the contents public will make them accessible to others.

Maybe you’re sending download links to someone, trying to share photos with a client, or perhaps you’re using S3 for static files for your website or as a content delivery network (CDN).

But if you don’t make the files public, your users will get an XML Access Denied error message saying the file is unavailable.

It’s relatively straightforward to make S3 buckets public, but it’s not necessarily self-evident how to do it. It has also changed from an older method that no longer works since Amazon revamped its permissions processes. (This post used to show the older method, but I’ve now updated it below with the new method.)

I’m focusing here on making an entire bucket and all of its contents public. So before you make the changes, please be sure that you don’t have any files in there that you don’t want accessible to everyone on the internet. It is quite possible to make individual files (or objects) public on a file-by-file basis; I’ll cover that further down this page.

But for situations where you don’t want to be messing with permissions for each individual file—say, if you’re using an S3 bucket to share photos from a whole shoot with clients or as the storage source for your website’s CDN—you can also make the entire bucket publicly accessible. That includes all of its existing contents and any new files uploaded to it.

So a big advantage of doing it this way is that it will apply to all files you add to the bucket in the future as well. This means you should only have to do this once per bucket. But it also means that you definitely don’t want to do this if you’re using the bucket as a cloud backup of your computer.

There are also multiple ways to handle the issue. While this is among the quickest and simplest, it’s not the only method and not even necessarily the best for all uses. A more secure and more precise way to do it is through using the AWS access control list (ACL) tools, but that method can be potentially more complicated.

Creating a New S3 Bucket to be Public

When you create a new bucket, there’s a new step-by-step process that is much more user-friendly than the old version.

Step 3 in that process is to set permissions. By default, new buckets are set to Block all public access. In other words, no one else can access the files.

You can uncheck that option to allow read access so that they can view and download the files but can’t edit or delete them.

How to Make a New Amazon S3 Bucket Public | Screenshot

How to Make an S3 Bucket Public

Here’s how to do it for one S3 bucket at a time.

1. Sign in to Amazon Web Services and go to your S3 Management Console.

2. Click on the name of the S3 bucket from the list. If it’s still in its default access state, it should say “Buckets and objects not public” next to it.

Amazon S3 Bucket Selection from List | Screenshot

3. Go to the Permissions tab. The first sub-tab, which is open by default, is Block Public Access, and the “Block all public access option will be On. Click on the Edit button at the right.

Amazon S3 Bucket Permissions Edit | Screenshot

4. Uncheck the “Block all public access” option, and then click the Save button.

Amazon S3 Bucket Public Uncheck | Screenshot

You’ll then be asked to confirm the change by typing in the word confirm.

Making Everything in the S3 Bucket Publicly Accessible

If you go back to the S3 buckets list, you’ll see that the access for that bucket has now been changed to “Objects can be public.” And that’s where the official Amazon instructions stop.

But I’m guessing that the reason you’re here is that you’ve discovered that doesn’t actually make the entire bucket public. If you try to access (read) the files now through a web browser, for instance, you’ll still get the Access Denied error.

Amazon S3 Bucket Objects Can Be Public | Screenshot

So we can take it a step further and make an entire bucket, all of its existing contents, and any new files uploaded to it, publicly accessible.

But before proceeding, know that Amazon discourages granting public access to an S3 bucket and will show you a warning to that effect when you save the Bucket Policy below. If you proceed, this is going to make all the bucket’s contents available to anyone with an internet connection to read, view, and download.

1. From the bucket list, click on the bucket name again. Select the Permissions tab again, but this time go to the Bucket Policy sub-item. This opens the Bucket Policy Editor.

Amazon S3 Bucket Policy Editor | Screenshot

4. Copy and paste this code in the Bucket Policy Editor entry area. You’ll need to replace “YOUR-BUCKET-NAME” with your full bucket name.

{"Version": "2008-10-17",
"Statement": [{"Sid": "AllowPublicRead",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::YOUR-BUCKET-NAME/*"
}]}

As an example, if your bucket is named “havecamerawilltravel.developer”, as in the example I’m using here, it should look like the screengrab below.

Amazon S3 Bucket Policy Editor Example | Screenshot

When you click Save, you’ll get a warning:

Amazon S3 Bucket Public Access Warning | Screenshot

If you want to heed that warning and remove the public access, you can use the Delete button above the input area.

Now, when you go back to the bucket list, you’ll see that the entry in the access column has changed to public.

Amazon S3 Bucket Public Access Bucket Policy | Screenshot

How to Find the S3 Bucket URL & the URL for an Individual Object

There are a number of ways to share the contents of the bucket, from an individual URL for an individual object through making the bucket available to host a static website on a custom domain.

If you’re looking to quickly share the URL of a specific S3 object, here’s one way to find the link:

1. From the bucket list, click on the name of the bucket. Then choose the Overview tab for a list of the files in the bucket.

2. Use the search bar to locate the file, if necessary. Then click to the right of the file name, but not actually on the file name (that will open something different).

Amazon S3 File Access Public 1 | Screenshot

3. From the slide-out panel, you can find the file’s endpoint using the Object URL field.

Amazon S3 Bucket Copy URL Path | Screenshot

You can then send that link to others to download or open.

How to Find an Amazon S3 Bucket Endpoint

Some applications, such as plugins for website platforms or backups apps, might ask for your bucket’s endpoint. That’s the location displayed in a standard URL format (as opposed to a local path, for instance). It’s also sometimes called the S3 URL.

Here’s a quick way to find the endpoint URL.

1. Click on the bucket name from the list of S3 buckets.

2. Go to the Properties tab.

3. Click on the Static Website Hosting card. The first bit of information on the card is the endpoint address.

Amazon S3 Bucket Endpoint URL | Screenshot

If you’re going to set up the bucket to host a static website, there’s more to it. You can find Amazon’s instructions on the rest of that process here.

More to Explore

If you enjoyed this post, you might also find these of interest:

May 3: I tested the new Samsung PRO Plus V30 UHS-I SDXC card. Results were practically identical to the PRO Ultimate, which isn’t entirely surprising.
May 1: There’s new firmware for the Nikon Zf. It’s a relatively minor release, but it does add a new feature: slow-motion recording. It also fixes a display issue that I’d found frustrating. You can find v.1.10 here.
Apr 25: Fujifilm has announced new firmware updates for several cameras: X-T5, X-H2, X-H2S, X-S20, and X100VI. The updates vary by model, but include a new Reala Ace film simulation, improvements to autofocus tracking, and enhanced features for connecting cameras with the FUJIFILM XApp. You can find details for each specific model here.
Apr 24: Nikon has released a firmware update for the Nikon Z8. It’s mostly a bug fix update, but a couple of them are bugs I’ve personally experienced related to the viewfinder display. You can get v.2.01 from Nikon’s website.
Apr 16: Sony has released a new lightweight and compact wide zoom: the FE 16-25mm ƒ/2.8 G (SEL1625G). It’s highly portable, fast, and weather resistant. Priced at $1199. Which all makes it an attractive package for Sony full-frame Alpha cameras, especially if you’re traveling or looking for a wide-angle carry-around lens. Preorders are opening tomorrow (April 17, 10am ET).
Apr 16: Insta360 has released their new 8K 360-degree camera, the Insta360 X4. Up to 8K capture, higher framerates (5.7K60, 4K100), active HDR, and 72MP 360-degree photos. Available now for $499.
Apr 15: Ricoh has released new firmware for the GR III and GR IIIx. It’s a fairly minor update, adding a couple of features that were already included with the new HDF versions: new custom white balance options and a new Zone Select AF option. Get the update (V.1.91) here.
Apr 13: OM System has released new firmware for the OM-1 and OM-5. But it’s a stability update that doesn’t add any new features or performance. But they have said to expect a slightly meatier update in the fall to improve AF and provide the option to assign the trash button as a menu access shortcut. You can find the new firmware here.
Apr 12: There’s a new fastest CFexpress Type B card. At least, on paper. Taiwanese brand Wise has announced a new CFexpress 4.0 Type B Mk-II with speeds up to 3700 MB/s read and 3400 MB/s sustained write. But, again, it’s mostly for bragging rights at the moment, because it’s a CFexpress 4.0 spec card, which requires that the camera be compatible with CFexpress 4.0 (hint: none so far).
Apr 11: Western Digital, which owns the SanDisk memory card brand, has announced the first 4TB SD card. But for now, it’s mostly for bragging rights than anything practical. For two reasons: it’s not expected to hit stores until next year, and it’s an SDUC card, which requires a device that’s compatible with SDUC (i.e., I’ve not heard of any SDUC-compatible cameras available yet).
Apr 8: Samsung has released new microSD cards with faster speeds. But these aren’t going to topple the current fastest SD cards in my tests; in this case, the emphasis is on a different type of speed than is useful for cameras–more for gaming devices and mobile phones. The new EVO Select and EVO Plus cards carry A2 and V30 speed ratings.
Mar 27: Nikon has released a new consumer superzoom lens for their Nikon Z cameras: the NIKKOR Z 28-400mm ƒ/4-8 VR. It works on both full-frame and DX cropped-sensor, and on the latter, you’ll get the equivalent of 42-600mm focal length reach. It’s not particularly fast, especially zoomed in, but it’s competitively priced and remarkably small. It’s almost certain to be a hit. Available for preorder with an estimated ship date of April 18.
Mar 26: Canva and Affinity are joining forces. This makes sense, with some really powerful and interesting imaging apps each specializing in different areas. I’ve been a long-time user of Canva and have long been impressed with Affinity’s apps. So I’m looking forward to where they take this. Synergy is corporate jargon that’s thrown around too much, but in this case the potential synergies just leap out. Read more.
Mar 26: Sigma has announced a new ultra-fast 50mm ƒ/1.2 lens for Sony E in their Art line. As well as being fast and bright, it’s notably lightweight for this type of lens and has a dust and splash resistant build.
Mar 7: Nikon is buying RED outright. It’s an interesting pairing, with Nikon’s obvious strength in imaging and RED’s innovative approach to high-end cinema shooting and associated technology like their cutting-edge RAW compression. It wasn’t long ago that RED was suing Nikon for infringing on their compression patents (case was dismissed).
Feb 21: Sony has announced a new lightweight, versatile, and fast mid-range zoom for their full-frame cameras: the Sony FE 24-50mm f/2.8 G. Priced at $1099. Its key appeal is the combination of portability, speed, and image quality, and it’s likely to be a hit with travel and everyday shooters alike.
Feb 20: Fujifilm has (finally!) announced the new X100VI compact street shooter. It has the same basic form factor and retro styling as the X100V (which is itself an awesome camera), a new 40MP APS-C sensor, 23mm ƒ/2 lens, in-body stabilization, and various other tweaks and improvements. Expect this to be a hit; I’ve pre-ordered mine already. Priced at $1599.
Feb 20: Laowa has announced the long-teased 10mm ƒ/2.8 full-frame autofocus lens. That’s a super-wide perspective for full-frame, and I’m looking forward to trying it out. If you’re not familiar with Laowa lenses (from Venus Optics), they’ve been coming up with some really interesting left-field optics. They’ve generally exclusively manual-focus so far–this is their first autofocus lens. I’m a big fan of some of their macro lenses. The 10mm ƒ/2.8 is priced at $799. Currently versions for Canon RF, Leica L, and Sony E; Nikon Z coming soon. Available for preorder.
Feb 7: Nikon has released a major firmware update for the Nikon Z8. And it really is a big one! Version 2.00 adds several big features, including Auto Capture, Pixel Shift shooting, Rich Tone Portrait, and a very long list of other fixes, tweaks, and enhancements. You can find more details on it, as well as download it, on the Nikon USA site.
Feb 7: DxO has released a new update that adds compatibility for new cameras and lenses, including the Nikon Z 135mm ƒ/1.8 Plena lens and Canon’s 10-18mm F4.5-6.3 IS STM wide angle lens. More info.
Jan 31: OM System has announced an update to their flagship camera: the OM System OM-1 Mark II. Same sensor and general form factor. Dropped the Olympus branding completely. Slightly tweaked features overall, such as better stabilization. But the headline updates are that they’ve leaned into AI on-camera processing, with computational processes such as an electronic graduated neutral density filter and better AI autofocus detection (i.e., it automatically detects a wide range of types of subjects and tracks focus on them). The rugged build has also been taken up a notch with IP-53 rated body, which is great for travel photography. I’m a big fan of the OM-1, but I’m not sure overall that this new version would convince me to rush out and upgrade it. Find more info here.
Jan 31: OM System also announced a new super telephoto zoom that, not coincidentally, would go very nicely with the OM-1. It’s a 150-600mm ƒ/5-6.3. Which doesn’t sound remarkable until you convert it to 35mm equivalent of 300-1200mm. Not super fast, but it’s surprisingly small and portable considering its reach. It’s available for preorder; expected to start shipping towards the end of February.
Jan 9: DXO has added Nikon Zf compatibility to their suite of software. I’ve been waiting for this with PureRAW.
Jan 2: South African photographer Peter Magubane has died. He was known for his lifelong work against apartheid. An inspiring obituary and some of his photos in today’s New York Times.
Dec 13: Amazon Drive will be shutting down at the end of December. If you have any files or photos stored there, they’ll continue to be available through Amazon Photos. So don’t panic if you suddenly can’t get into Amazon Drive; use the Amazon Photos website instead.
Dec 1: Camera Bits, the company behind Photo Mechanic, is pushing back their announced transition to a subscription model. They’ve received a lot of pushback, and they’ve decided to add a perpetual license option as well (details still being worked out on that). More here.
Nov 30: Renowned French/American Magnum photographer Elliott Erwitt has died at 95 at his home in Manhattan. You can find an extensive collection of his decades-worth of photographs on the Magnum site.
Nov 22: ProGrade Digital has released their next-generation CFexpress 4.0 cards. Using PCIe Gen 4, they provide read speeds of up to 3400MB/s and sustained write speeds of up to 2400MB/s. They’re available in 512GB, 1TB, and 2TB sizes. But an important caveat before you rush out and buy one: These are designed for future cameras, not currently available ones. That’s because current cameras don’t use CFexpress 4.0 and therefore can’t take advantage of the speed benefits that it provides. So, for now, the only benefit you’ll see with these is if you happen to be using the ProGrade Digital PG05.6 USB 4.0 Reader you should get faster download speeds to your computer. And in case you’re wondering what happened to 3.0 . . . they’re skipping that, going straight from 2.0 to 4.0.