[AWS] How to allow External User to access S3 bucket

In this article, let me explain how to allow external users to access your S3 bucket. You can share your data with external users easily and securely.

1. Create IAM User
Please refer to the article below if you have not created an IAM user.
Create IAM user for S3 bucket access

How to create an S3 bucket that can be accessed by an external user
First, access the S3 console.

Click Create bucket.

Input Bucket name and select AWS Region.

You can change the public access setting. In my case, I checked Block all public access.

You can enable Bucket Versioning and edit tags, if necessary.

Enable Server-side encryption, if you want.
I selected Amazon S3 key (SSE-S3) as Encryption key type.
Then, click Create bucket.

Successfully created new bucket as below !!

Click Permissions tab.

Then edit the Bucket policy.

It is easier to use the policy generator if you are a beginner.
Click Policy generator.

For Type of policy, select S3 Bucket Policy.
Input the IAM user’s ARN in Principal.
* If you have not created an IAM user, please create one by referring to the Precondition section.
Check All Actions in the Actions section.
Input the S3 bucket's ARN in Amazon Resource Name (ARN).
Then, click Add Statement.

I would like to add an IP address whitelist.
Select IpAddress in the Condition section.
Select aws:SourceIp in the Key section.
Input the IP address in the Value section and click Add Condition.

Check if your statement is added.

Then, click Generate Policy.

Then, click Save changes.

Successfully created a policy !!
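
The policy document these steps produce, as an added example that is not from the original article: a Python sketch that builds the same single-statement bucket policy and reviews it for overly broad settings, with a narrowed action list beside the All Actions version. The account ID, user name, bucket name, CIDR range, function names and the inclusion of both the bucket ARN and `bucket/*` as resources are assumptions made for illustration.

```python
import ipaddress
import json

def build_policy(user_arn, bucket, cidr, actions=("s3:*",)):
    """One Allow statement for one IAM user, limited by source IP."""
    ipaddress.ip_network(cidr)  # raises ValueError on a malformed CIDR
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "ExternalUserAccess",
            "Effect": "Allow",
            "Principal": {"AWS": user_arn},
            "Action": list(actions),
            # Bucket ARN matches s3:ListBucket; bucket/* matches object actions.
            "Resource": [f"arn:aws:s3:::{bucket}", f"arn:aws:s3:::{bucket}/*"],
            "Condition": {"IpAddress": {"aws:SourceIp": cidr}},
        }],
    }

def as_list(value):
    return value if isinstance(value, list) else [value]

def review(policy):
    """Return findings for Allow statements that are broader than needed."""
    findings = []
    for st in policy["Statement"]:
        if st.get("Effect") != "Allow":
            continue
        sid = st.get("Sid", "<no Sid>")
        actions = as_list(st["Action"])
        if any(a in ("*", "s3:*") for a in actions):
            findings.append(f"{sid}: wildcard action also grants s3:DeleteBucket and s3:PutBucketPolicy")
        who = st.get("Principal")
        if who == "*" or (isinstance(who, dict) and "*" in as_list(who.get("AWS", []))):
            findings.append(f"{sid}: principal is everyone, not a single IAM user")
        if "aws:SourceIp" not in st.get("Condition", {}).get("IpAddress", {}):
            findings.append(f"{sid}: no aws:SourceIp condition")
        needs_objects = any(a in ("*", "s3:*") or "Object" in a for a in actions)
        if needs_objects and not any(r.endswith("/*") for r in as_list(st["Resource"])):
            findings.append(f"{sid}: no bucket/* resource, object actions cannot match")
    return findings

# Constructed sample values (documentation account ID and TEST-NET-3 range).
USER = "arn:aws:iam::111122223333:user/external-user"
as_generated = build_policy(USER, "example-shared-bucket", "203.0.113.0/24")
narrowed = build_policy(USER, "example-shared-bucket", "203.0.113.0/24",
                        actions=("s3:ListBucket", "s3:GetObject", "s3:PutObject"))

if __name__ == "__main__":
    print(json.dumps(narrowed, indent=2), *review(as_generated), sep="\n")
```

The printed JSON can be pasted into the Bucket policy editor after replacing the placeholder ARN, bucket name and CIDR with your own values.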

Let’s access the S3 bucket as the external user.
If you have not installed the AWS CLI, please install it.
Execute the aws configure command and input the necessary information as below.

Check if you can access the S3 bucket as below.
You can upload a test file to the S3 bucket !!
