Good examples of how to set policies on an Amazon S3 bucket.
For example: if you have a test bucket you use only for internal testing you don't normally want it to be accessible from outside (or google to index its content).
You can set a Bucket policy like this one:
{"Version":"2008-10-17","Id":"S3PolicyId1","Statement":[{"Sid":"IPDeny","Effect":"Deny","Principal":{"AWS":"*"},"Action":"s3:*","Resource":"arn:aws:s3:::dev.youbucket.com/*","Condition":{"NotIpAddress":{"aws:SourceIp":"X.X.X.X/32"}}}]}
where sourceIP will be the IP range of your test environment. You'll deny any action coming from outside.
More useful examples here.
No comments:
Post a Comment