Skip to content

Instantly share code, notes, and snippets.

@devops-school

devops-school/aws-s3-policy-ipaddress-domain.json

Created August 28, 2020 11:51
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save devops-school/94a9ef67aa197ecaa99d60e7d1144660 to your computer and use it in GitHub Desktop.
Save devops-school/94a9ef67aa197ecaa99d60e7d1144660 to your computer and use it in GitHub Desktop.
Download ZIP
Example of S3 Bucket Policy to allow from IP address and Domain name
Raw
aws-s3-policy-ipaddress-domain.json
# Example of S3 Bucket Policy to allow from IP address and Domain name
{
"Version": "2008-10-17",
"Id": "http referer policy example",
"Statement": [
{
"Sid": "Allow get requests originated from www.example.com and example.com",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::324324234324/*",
"Condition": {
"StringLike": {
"aws:Referer": [
"https://www.devopsschool.com/*",
"https://devopsschool.com/*",
"https://devopsschool.com*",
"https://devopsschool.com"
]
}
}
},
{
"Sid": "Allow get requests originated from www.example.com and example.com",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::43223423432/*",
"Condition": {
"IpAddress": {
"aws:SourceIp": ["132.148.28.44/30","10.193.44.89/30"]
}
}
}
]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment