What does the statement body of this S3 bucket policy do?

{
  "Sid": "bucketpolicy1",
  "Effect": "Allow",
  "Principal": "*",
  "Action": "s3:GetObject",
  "Resource": "arn:aws:s3:::userreports/*",
  "Condition": {
    "IpAddress": { "aws:SourceIp": "68.249.108.0/24" },
    "NotIpAddress": { "aws:SourceIp": "68.249.108.128/32" }
  }
}

  • bucketpolicy1 allows any user to perform any action on the objects in the userreports bucket, but limits the objects to read-only permissions for anyone coming from 68.249.108.0 to 68.249.108.255 – except 68.249.108.128.
  • bucketpolicy1 allows any user coming from the IP range of 68.249.108.0 to access objects in the userreports bucket and denies access to 68.249.108.128.
  • bucketpolicy1 allows any user to perform any action on the objects in the userreports bucket – except anyone coming from the IP of 68.249.108.128.
  • bucketpolicy1 allows any user coming from the IP range of 68.249.108.0 to 68.249.108.255 to access objects in the userreports bucket – except anyone coming from the IP of 68.249.108.128.