I have some secret files which I want to restrict anonymous user from viewing/downloading. I have tried to make it private by running something like:
s3cmd setacl --acl-private s3://bucket/some/path/*.ext
Then I go to S3 Management Console, select the file, and click on Properties, I'm sure the Open/Download permission is un-checked for Everyone.
But copy the link https://s3-us-west-2.amazonaws.com/bucket/some/path/blah.ext
, and paste into a new browser, it still can be open/download.
What I am missing?
Best Answer
Check your bucket policy by going to bucket, then click on Properties and Edit Bucket Policy. If you have something like this:
it means that you are allowing everyone to download every files in this bucket.
According to the document:
That is the reason why an anonymous user can still open/download your files.
You can prevent it by adding a new policy like below: