AWS Certified Solutions Architect - Associate (SAA-C02)
  1. Rooms
  2. AWS Certified Solutions Architect - Associate (SAA-C02)

Sign Up Free or Log In to participate!

Versioning Objects in S3 – cannot make object public

Hi,

Topic: S3 Bucket versioning

Can anyone help me please? Trying to enable access to older versions of the object in a S3 bucket. The bucket is public, versioning is enabled and permissions are applied on bucket to allow public access. Yet when I try to enable access to older versions, I find the "make public via ACL" option under actions is disabled.

How can I resolve this?

Thank you

John Held

I have the same info – I edited the ACL for the bucket using the answer below, but I still cannot enable access to the prior version of the index.html file. I also notice that AWS now says "Object Actions/"Make Public Via ACL" instead of simply ‘make public’ as displayed in the video.

1 Answers

If you create your bucket up using ACLs disabled you can use a bucket policy to grant read access to all objects in the bucket using the following bucket policy:

{  
    "Version": "2012-10-17",  
    "Statement": [  
        {  
            "Sid": "PublicRead",  
            "Effect": "Allow",  
            "Principal": "*",  
            "Action": [  
                "s3:GetObject",  
                "s3:GetObjectVersion"  
        ],  
        "Resource": "/*"  
       }  
    ]  
}
This will allow read access to anonymous internet users, unless public access is blocked. In this scenario the “make public via ACL” option is always blocked as the bucket policies are overriding ACLs.
For buckets with an ACL enabled each new object has its own permissions, so you have to grant access for each new version. You can set that when you upload the file by selecting Choose from predefined ACL and Grant-public read access.This stack overflow article provides more detail [https://stackoverflow.com/questions/70468569/aws-s3-why-public-object-doesnt-work-with-versioning](https://stackoverflow.com/questions/70468569/aws-s3-why-public-object-doesnt-work-with-versioning).
Sandeep

Thank you for your response. Tried creating Bucket without "ACL enabled" option, "Block all public access" unchecked and applied above bucket policy, but for some reason "Make public via ACL" was still disabled. GUI threw up IAM permissions error for the sandbox user. Instead, I tried creating another bucket with "ACL enabled" and followed the rest of the steps as described in the tutorial and it worked! I was able to make all older versions public.

Jonas Borges

Hi, go in ‘Permissions" in your bucket and look for "Object Ownership". There choose the option "ACLs enabled". the "Make public via ACL" will be enable. I believe its a recent AWS feature.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Don't have an account?

Get Started
Who’s going to be learning?
MyselfMy Organization