1. Create IAM User
Click Create bucket.
Input Bucket name and select AWS Region.
You can change pubic access setting. In my case, I checked Block all public access.
You can enable Bucket Versioning and edit tags, if necessary.
Enable Server-side encryption, if you want.
I selected Amazon S3 key (SSE-S3) as Encryption key type.
Then, click Create bucket.
Successfully created new bucket as below !!
Click Permissions tab.
And, Edit Bucket policy.
It is easier to use policy generator, if you are a beginner.
Click Policy generator.
Select Type of policy to S3 bucket Policy.
Input IAM user’s ARN to Principal.
* If you do not create IAM user, please create it by referring to Precondition section.
Check All Actions in Actions section.
Input S3 ARN to Amazon Resource Name (ARN).
Then, click Add Statement.
I would like to add IP address white list.
Select IpAddress in Condition section.
Select aws Sourceip in Key section.
Input IP address in value section and click Add Condition.
Check if your statement is added.
Then, click Generate Policy.
Then, click Save change.
Successfully created a policy !!
Let’s access S3 bucket from external user.
If you do not install aws cli, please install it.
After executing aws configure command, and input necessary information as below.
Check if you can access S3 bucket as below.
You can upload test file to S3 bucket !!