How to make specific file types public using bucket policies

This guide will show how to create a bucket policy that will allow certain file types within your bucket to be available publicly, while still maintaining security for other file types that may be present in your bucket.

 

To accomplish this, we can create a bucket policy targeting the specific file types that you wish to be public via a wildcard in the "Resource" ARN. For this example, we will allow both "jpg" and "png" files to be public in our bucket "examplebucket". It is important to note that objects and policies in your bucket are case-sensitive, so the below policy will work to make the object "test.jpg" public, but it will NOT make "test.JPG" public (unless "*.JPG" is added as a valid resource within the policy too):

 

{
  "Version": "2012-10-17",
  "Statement": [
    {
    "Sid": "AllowPublicFileTypes",
      "Effect": "Allow",
      "Principal": {
      "AWS": "*"
      },
      "Action": "s3:*",
      "Resource": [
      "arn:aws:s3:::examplebucket/*.jpg",
      "arn:aws:s3:::examplebucket/*.png"
      ]
    }
  ]
}

 

To apply this policy, go to your bucket settings, then to the "Policies" tab, paste in the policy, and ensure that you have modified the above text to reflect the correct "Resource" ARN for YOUR bucket name. Once saved, any matched resource file types will be available to the public.

If there are any questions about this implementation, please e-mail Support at support@wasabi.com for help.

Have more questions? Submit a request