Create an S3 Bucket

From @jayair on Mon Apr 10 2017 01:08:56 GMT+0000 (UTC)

Link to chapter - http://serverless-stack.com/chapters/create-an-s3-bucket.html

Copied from original issue: https://github.com/AnomalyInnovations/serverless-stack-com/issues/62

When the bucket policy given in the book is applied, the AWS console displays a warning:

This bucket has public access
You have provided public access to this bucket. We highly recommend that you never grant any kind of public access to your S3 bucket.

Is this expected behavior? If so, what should one do instead?

In this case, we want our S3 bucket (and the app inside it) to be publicly accessible. So it is safe to ignore this. However, we shouldn’t make our file uploads bucket publicly accessible.

There are two new default settings in the boilerplate setup that prevent you from adding public policies to buckets, and, apparently, from allowing a bucket to be public while you “fix the policy.”

Or at least I had these come up, and was wondering why I was getting 403s on updating the policy. If you’re getting these, edit the “Public access settings,” and uncheck the options for “Manage public bucket policies for this bucket.”

2 Likes

Thanks for sharing. Sounds like we need to update the screenshots.

Yes, I had the same issue and found the same solution. This screenshot shows the two boxes that need to be unchecked:

1 Like

Got it. Yeah it needs to be updated.

FYI, I also had this same issue, but to solve it, unchecking of these two ‘manage public policies’ boxes had to also be done on the larger, console level for the entire account – i.e., change the bucket-changing policies for ALL Buckets, not just the individual client app bucket. Thank you so much for your incredible tutorial!!!

1 Like
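The posts above find the same setting blocking a public policy at two levels, the bucket and the whole account. As an added example (not code from the tutorial or from anyone in this thread), this Python sketch models how the four S3 Block Public Access flags combine across both levels and reports which level causes the 403. Assumptions: the function names and the sample policy are constructed here, the two console checkboxes are taken to correspond to `BlockPublicPolicy` and `RestrictPublicBuckets`, and the "is this policy public" test is a simplification of what S3 evaluates.

```python
# The four S3 Block Public Access flags (PublicAccessBlockConfiguration).
FLAGS = ("BlockPublicAcls", "IgnorePublicAcls", "BlockPublicPolicy", "RestrictPublicBuckets")

def effective(account, bucket):
    """A flag is in force if either the account or the bucket sets it."""
    return {f: bool(account.get(f) or bucket.get(f)) for f in FLAGS}

def _wildcard(principal):
    if isinstance(principal, dict):
        principal = principal.get("AWS")
    return principal == "*" or (isinstance(principal, list) and "*" in principal)

def policy_is_public(policy):
    """Simplified test (assumption): an Allow to a wildcard principal with no Condition."""
    stmts = policy.get("Statement", [])
    stmts = [stmts] if isinstance(stmts, dict) else stmts
    return any(s.get("Effect") == "Allow" and _wildcard(s.get("Principal"))
               and not s.get("Condition") for s in stmts)

def diagnose(policy, account, bucket):
    """Predict the outcome of applying `policy` and name the level that blocks it."""
    eff, public = effective(account, bucket), policy_is_public(policy)
    blockers = [lvl for lvl, cfg in (("account", account), ("bucket", bucket))
                if public and cfg.get("BlockPublicPolicy")]
    return {
        "policy_is_public": public,
        "put_policy_rejected": bool(blockers),  # the 403 described in the thread
        "blocked_at": blockers,
        # RestrictPublicBuckets cuts off anonymous access even if the policy is stored
        "anonymous_read_works": public and not blockers and not eff["RestrictPublicBuckets"],
    }

# Constructed sample input: bucket name and Sid are placeholders.
PUBLIC_READ = {
    "Version": "2012-10-17",
    "Statement": [{"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
                   "Action": "s3:GetObject",
                   "Resource": "arn:aws:s3:::example-client-bucket/*"}],
}
ALL_ON = dict.fromkeys(FLAGS, True)
POLICY_BOXES_OFF = {**ALL_ON, "BlockPublicPolicy": False, "RestrictPublicBuckets": False}

if __name__ == "__main__":
    print(diagnose(PUBLIC_READ, ALL_ON, POLICY_BOXES_OFF))            # blocked at account
    print(diagnose(PUBLIC_READ, POLICY_BOXES_OFF, POLICY_BOXES_OFF))  # goes through
```

Keeping `ALL_ON` as the bucket-level setting for the file uploads bucket leaves it protected even when the account-level boxes are unchecked for the client app.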

Thanks for letting us know!

It would be a great example to show how this entire bucket setup and CloudFormation, SSL certificates, etc. could all be done by SST as part of an IaC project. This way everything is ready to go, and then in the React or Angular project you can simply sync it to the bucket, invalidate the index.html (if you want?) and be good to go.

Bonus points to extract the bucket name from the output of the stack to use in the deployment?

Yeah we’ll do this at some point in the near future!