Restricting file types on amazon s3 bucket with a policy

You can use the policy generator for this if you're not sure how to write, for example you would have something like

{
  "Id": "Policy1464968545158",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1464968483619",
      "Action": [
        "s3:PutObject"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::<yourbucket>/*.jpg",
      "Principal": "*"
    },
    {
      "Sid": "Stmt1464968543787",
      "Action": [
        "s3:PutObject"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::<yourbucket>/*.png",
      "Principal": "*"
    }
  ]
}

As said from doc you can specify multiple resources and aggregate this part, so no need to multiply the statement

    "Resource": [
      "arn:aws:s3:::<yourbucket>/*.jpg",
      "arn:aws:s3:::<yourbucket>/*.png",
      "arn:aws:s3:::<yourbucket>/*.gif",
    ],

so you get something like

{
    "Id": "Policy1464968545158",
    "Version": "2012-10-17",
    "Statement": [
      {
        "Sid": "Stmt1464968483619",
        "Action": [
          "s3:PutObject"
        ],
        "Effect": "Allow",
        "Resource": [
          "arn:aws:s3:::<yourbucket>/*.jpg",
          "arn:aws:s3:::<yourbucket>/*.png",
          "arn:aws:s3:::<yourbucket>/*.gif",
        ],
        "Principal": "*"
      }
    ]
}

you can access policy generator when you create your bucket policy

enter image description here

Restricting file types on amazon s3 bucket with a policy

Tags:

Amazon S3

Amazon Web Services

Related

Recent Posts