How to configure AWS S3 so that objects are accessible only from my domain and blocked on third-party websites


Let me first explain what we are going to do in this blog. When we store images in an S3 bucket, some of them should not be usable from other websites. In my case I was storing icons that we designed for our website. We used them on our own site, but they were also publicly accessible, so anyone could use them on their website directly from our icon URL.

So I configured the bucket so that the icons can only be accessed from a domain that I have verified, which means my domain. No other website can use those images now.

So let me show you how I did it.

Step 1 – Go to the S3 bucket and permission management

Open the S3 bucket that you want to secure and click on the Permissions tab.

Step 2 – Edit Bucket policy

Scroll down in the Permissions tab until you see Bucket policy, then click Edit to edit the bucket policy.

Step 3 – Write Referer Condition

{
    "Version": "2012-10-17",
    "Id": "Policy1626782155551",
    "Statement": [
        {
            "Sid": "Stmt1626782153471",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::tests3website/*",
            "Condition": {
                "StringLike": {
                    "aws:Referer": "https://www.eagerminds.in/*"
                }
            }
        }
    ]
}

Now for the final part, which you need to write carefully. The statement contains a Condition, and inside the condition I have written a referer. What does the referer mean? Requests for the images are only valid if they come from the website given in the referer. Don't forget to change the values, such as the Resource and the Referer, to your own.

You can also list multiple websites inside an array, as in the example below:

{"aws:Referer":["http://www.example.com/*","http://example.com/*"]}

If you receive requests from multiple domains, replace the referer block with one like the above.
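
To check which Referer values a policy like the one above actually admits, the following added example (not part of the original post, and not AWS's own evaluator) builds the policy for a list of origins and models StringLike matching offline in Python. The function names, the Sid and the sample Referer values are assumptions made for illustration.

```python
import json
import re

def string_like(pattern, value):
    """IAM StringLike: case-sensitive; '*' is any run of characters, '?' any single one."""
    regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern)
    return re.fullmatch(regex, value, re.DOTALL) is not None

def build_referer_policy(bucket, origins):
    """Allow anonymous s3:GetObject only when aws:Referer is a page under one of the origins."""
    patterns = [origin.rstrip("/") + "/*" for origin in origins]
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "AllowGetFromListedSites",  # hypothetical Sid
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": f"arn:aws:s3:::{bucket}/*",
            "Condition": {"StringLike": {"aws:Referer": patterns}},
        }],
    }

def referer_allowed(policy, referer):
    """Simplified model: True if some Allow statement's Referer condition matches.
    referer=None means the header is absent, which never satisfies StringLike."""
    for stmt in policy["Statement"]:
        patterns = stmt["Condition"]["StringLike"]["aws:Referer"]
        patterns = [patterns] if isinstance(patterns, str) else patterns
        if stmt["Effect"] == "Allow" and referer is not None:
            if any(string_like(p, referer) for p in patterns):
                return True
    return False

# Constructed sample Referer values, as a browser or other client might send them.
SAMPLES = [
    "https://www.eagerminds.in/",              # origin-only referrer from the site
    "https://www.eagerminds.in/icons.html",    # full page URL from the site
    "https://www.eagerminds.in.example.net/",  # different host sharing the prefix
    "https://other-site.example/gallery",      # third-party page
    None,                                      # header missing
]

if __name__ == "__main__":
    policy = build_referer_policy("tests3website", ["https://www.eagerminds.in"])
    print(json.dumps(policy, indent=4))
    for ref in SAMPLES:
        print(f"{str(ref):45} -> {'allow' if referer_allowed(policy, ref) else 'deny'}")
```

Writing each pattern as the origin followed by "/*" matters: a pattern with no wildcard must equal the header exactly, and a pattern ending in "*" without the slash also matches other hosts that merely start with your domain name. The Referer header is supplied by the client, so treat this as hotlink protection rather than authentication.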

You can read more AWS learning material here: https://www.eagerminds.in/

Thank you For Reading! Keep Learning.