TailTemplate Build stunning websites faster with our pre-designed Tailwind CSS templates

Setting up correct AWS permission for S3 images

AWS S3 provides an easy-to-use storage service at a reasonable cost. It is important to set the permissions right before you deploy your application to the wild.

The following steps below will help you set the permission correctly for your S3 storage.

  • Disallow public ACL in **block public access **

Firstly let's block public access to our bucket via ACL. This option ensures no-one can access the buckets publicly, even though public ACL, the access will be blocked.

  • Allow public list permission in bucket policy:

Now go to the Bucket policy of your target bucket and provide read permission for public access as shown below:


{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "PublicReadGetObject",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::your-bucket-name/*"
        }
    ]
}

Note to place your-bucket-name with your bucket name.

  • Configure CORS

Last but not the least, let's configure CORS, so the front end of our application can access our stored files without permission issues.

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
    <AllowedOrigin>*</AllowedOrigin>
    <AllowedMethod>GET</AllowedMethod>
</CORSRule>
</CORSConfiguration>

The end

That is all we need to do to configure AWS S3 storage with correct permissions to make it safe.