j1n6/s3_ip_based_permission.md

Created November 26, 2014 11:39

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/j1n6/514950a7ccdd0a678273.js"></script>
Save j1n6/514950a7ccdd0a678273 to your computer and use it in GitHub Desktop.

Download ZIP

Allow a single IP to access S3 Bucket

Raw

s3_ip_based_permission.md

Only allow specific IP address to access this bucket via API or HTTP.

{
	"Version": "2008-10-17",
	"Id": "S3PolicyId1",
	"Statement": [
		{
			"Sid": "IPDeny",
			"Effect": "Deny",
			"Principal": {
				"AWS": "*"
			},
			"Action": "s3:*",
			"Resource": "arn:aws:s3:::mybucketname/*",
			"Condition": {
				"NotIpAddress": {
					"aws:SourceIp": "xxx.xxx.xxx.xxx/32"
				}
			}
		}
	]
}