1. 13
    Make the contents of an S3 bucket deployed with CDK public
    1m 20s
⚠️ This lesson is retired and might contain outdated information.

Make the contents of an S3 bucket deployed with CDK public

Tomasz Łakomy
InstructorTomasz Łakomy
Share this video with your friends

Social Share Links

Send Tweet

Files uploaded to an S3 bucket are not accessible by default from the Internet.

Which makes sense - by default they should be secure, but since we'd like to host a logo file to be displayed in our app, we need to make the bucket public.

Luckily, with CDK we need to literally change a single line of code - in this quick lesson we're going to learn how to make the contents of an S3 bucket public.

Instructor: [0:00] Right now, we have an S3 bucket deployed to AWS and we can see the bucket over here. Now, if I go ahead and upload a file...I'm going to upload the egghead logo, hit Upload. It's done. I would like to click over and click on the object URL, but if click on that, I would get an Access Denied.

[0:16] The reason why I'm not able to access the file is that by default, every single S3 bucket is secure. What that means is that the contents of the S3 buckets are not accessible from the Internet by default. Luckily, with CDK, we can fix that on our own with a single line of code.

[0:29] If I go over here to my logo bucket, I can add a prop which is publicReadAccess. We can see that over here that it's going to grant public read access to all objects in the bucket. By default, is set to false so I'm going to set it to true. Save that, open up the terminal and run cdk diff.

[0:44] We can see over here that this line of code is going to create a new bucket policy. This bucket policy is going to allow an action of S3 getObject to be executed by every principle. That is why there is a star here. What that means is the contents of this bucket are going to be accessible by everyone from the Internet. This is exactly what we want.

[1:02] Now that the contents of our bucket are going to be public, let's go ahead and deploy it. Let we run cdk deploy. It's going to ask us whether we want to allow this action and yes, we want to.

[1:11] After the successful deployment, let's go back to our bucket and we can see over here that this bucket has been made public. If I click on the logo and click over here, I would be able to access it.