Challenge Lab: Amazon S3

policy1.json

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": [
                "arn:aws:s3:::<bucket-name>/file1.txt",
                "arn:aws:s3:::<bucket-name>/file2.txt"
            ]
        }
    ]
}

s3-command.sh

aws s3api create-bucket --bucket <bucket-name> --region us-west-2 --create-bucket-configuration LocationConstraint=us-west-2

mkdir files
touch files/file1.txt
touch files/file2.txt
touch files/file3.txt
echo "file1 content" > files/file1.txt
echo "file2 content" > files/file2.txt
echo "file3 content" > files/file3.txt
aws s3 sync files s3://<bucket-name>

### set public access block
aws s3api put-public-access-block --bucket <bucket-name> --public-access-block-configuration "BlockPublicAcls=false,IgnorePublicAcls=false,BlockPublicPolicy=false,RestrictPublicBuckets=false"

## set bucket policy
aws s3api put-bucket-policy --bucket <bucket-name> --policy file://policy1.json


### s3 url
https://<bucket-name>.s3.<region>.amazonaws.com/<object-key>