How to Allow Public Access to an Amazon S3 Bucket

If you're using an Amazon S3 bucket to share files, you'll first need to make those files public. If you don't, your users will get an XML error message saying the file is unavailable. Here's how to fix it.

If you’re using an Amazon S3 bucket to share files with anyone else, you’ll first need to make those files public. Maybe you’re sending download links to someone, or perhaps you’re using S3 for static files for your website or as a content delivery network (CDN). But if you don’t make the files public, your users will get an XML error message saying the file is unavailable.

It’s easy to fix, but it’s not self-evident how to do it. You need to add some specific lines of code in your Amazon S3 Management Console.

For most uses, the best course is probably to make all the files in a particular bucket public. You don’t have to do it that way–you can apply it on a file-by-file basis if you like, but that gets tedious very quickly if you have more than a handful of files. And by making it apply to the whole bucket, it will also apply to new files you add, which is pretty much essential for anything remotely automated like CDN uses.

So here’s how to do it.

1. Sign in to Amazon Web Services and go to your S3 Management Console.

2. Select the bucket from the left. At right, click the Properties button if it’s not already expanded.

3. Go to the Permissions tab and hit the Add Bucket Policy link. (If you’ve previously added a policy, the button will say Edit Bucket Policy instead).

4. Copy and paste this code in the Bucket Policy Editor popup. You’ll need to replace “YOUR-BUCKET-NAME” with your full bucket name.

{"Version": "2008-10-17",
"Statement": [{"Sid": "AllowPublicRead",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::YOUR-BUCKET-NAME/*"
}]}

As an example, if your bucket is named “photos.havecamerawilltravel.comotoshelter.com”, it should look like the screen grab below.

Another advantage of doing it this way is that it will apply to all files you add to the bucket in the future as well. Which means you should only have to do this once per bucket.

Getting the URL for an Individual Object

There are a number of ways to share the contents of the bucket, from an individual URL for an individual object through making the bucket available to host a static website on a custom domain.

If you’re looking to quickly share the URL of a specific object, here’s one way to find the link:

  1. Sign into the AWS Management Console and go to your S3 dashboard.
  2. Navigate to the specific bucket and object.
  3. Click on the Properties button at top right.
  4. Copy the URL from the Link info at top right, which should look something like this:

You can then send that link to others to download or open. In this example, it’s the URL I’m using when embedding one of the 360° panoramas in this page.

View Comments

  • As an update for the next person trying to find where the actual URL is on the now updated AWS bucket page.
    Goto bucket you want to find URL
    Goto Properties
    Static web site hosting (under properties)
    Look up top of pop up as "endpoint"
    There is your URL

  • Thanks for the details. Sadly as of 2019, this is out of date and won't work on AWS S3.

        • David,

          Ann asked, and I also want to know:

          " how do I actually share the url of the specific S3 bucket?"

          You only provided method to: "quickly share the URL of a specific OBJECT" within a bucket

          Well, that is easy, we figured that out on day one. Now I am on day five and still have not found a way to create and share a BUCKET URL without hosting a website.

          Since you danced around this question assume AWS S3 lacks this, basic, functionality?

          So folks, it appears one CANNOT get a URL link to an AWS S3 bucket unless the AWS account holder has a domain, which they purchase from the domain pirate, one CANNOT create a functional link to view content in S3 Bucket.

          But google DOES have this functionality using google DRIVE, AND they give you 15GB of data FREE. AWS only gives you 5GB and does not have the same functionality as google.

          • You can get the URL of the bucket by granting everyone list access and then using the endpoint (if you're using Amazon East, it's in the format:

            But the list might not be in a form you expect--it's an XML listing of all the contents of the bucket, including its filename (key), last modified date, Etag, size, and the storage class. It's not designed out of the box to be displayed as a user-friendly page of HTML links. If you're after something like that, Google Drive or Dropbox might be more what you're after.

  • Hi David,

    I've been using S3 for some time now and would like some clarification on the "public" status. If dealing with sensitive static documents (stored on S3) that would be available to download on a website behind a secure login, my understanding is that I would need to make that file "public" in S3 terms. Does this mean that anyone with that link could access the file? I already have a few IAM groups set up controlling access rights within S3 but how would I link those access rights to the logins of the actual website?

  • Hi David,

    I am having a difficult time trying to figure out something I think is probably very simple...

    I just got OptimizePress Membership, and I am creating a new website. I heard that it is best to have all of my static images, and also my membership area videos (and other information) on Amazon S3.

    So I created an Amazon S3 account, and for the life of me, I cannot figure out what to do from there.... How do you get the static images to show on OptimizePress website, and how do you put private/secure videos on there as well?

    I thought I might need a wordpress plugin, yet I could not find any that have not been kept up to date or that would even work to help.

    I have been searching and searching for just some simple 'this is how you do it' answer, yet I am still left in the dark.

    If you could help me I would appreciate it.

    Thank you,
    Judie

    • Well, it's not something very simple, so no worries there. I'm not familiar with OptimizePress, but the general way to upload files to Amazon S3 will require some kind of client. They come in all sorts of different forms, from browser plugins to full-featured data transfer apps. There are also plugins for various content management systems like Wordpress.

      Once you've uploaded the files to S3 and made them accessible to the public, each file has it's own URL. I don't know how OptimizePress works exactly, but somehow you'll use that URL to have the files show up on your site.

  • Hi, thanks for posting. I'm having a very hard time finding the answer to a simple question: how do a enable an S3 bucket to be accessible as a simple site to browse/download from files and folders within the S3 bucket? I don't need to really host a 'website'... I just need to be able to enable public users to browse and download files from my S3 bucket.

    • Off the top of my head, I'm pretty sure there's no native way to make them browsable--you'd need something else to create that functionality. It could be anything from a static website with links to a CMS that's pulling from S3. There are browser plugins that let you manage your buckets, but they're mostly designed for the owner's admin rather than allowing public access. If you're inclined to mess with some javascript, this looks promising.

    • Do you mean enabling versioning of files in a bucket? If so, here's a guide on how to do that. If you mean the version date in the code example, you can leave it as it is in the example code.

Share