Securing an AWS Bucket by source IP. : Maidenhead Bridge

Securing an AWS Bucket by source IP. Print

Modified on: Mon, 22 Nov, 2021 at 9:37 AM

On your AWS console create a bucket with default values for permissions: "Block all Public Access = on"
On Bucket Policy, add your Public IPs in "aws:SourceIp":[]

Example:

{

"Version": "2012-10-17",

"Id": "S3PolicyId1",

"Statement": [

{

"Sid": "IPAllow",

"Effect": "Allow",

"Principal": "*",

"Action": "s3:*",

"Resource": "arn:aws:s3:::mhb-netskope-private/*",

"Condition": {

"IpAddress": {

"aws:SourceIp": [

"200.1.1.1/32",

"200.2.1.1/32",

"200.3.0.0/29"

]

}

]

}

Did you find it helpful? Yes No

Help Desk Software by Freshdesk