Feb 062015
 

A bucket policy that will deny access to anyone not coming from the specified IP addresses. Used in combination with IAM groups that allow access to S3, the net result will be that users will be allowed the access given to the group they belong to, but only if they are coming from one of the IP address specified in this policy, which is going to be attached to the bucket. Using an “Allow” policy, like in Amazon’s example, would allow anyone coming from those IPs full access, effectively defeating the purpose of group-based policies.

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">

(required)

(required)