1 00:00:06,840 --> 00:00:08,641 - So now let's take a look at another demo 2 00:00:08,641 --> 00:00:10,731 of creating a bucket policy 3 00:00:10,731 --> 00:00:13,366 to make a bucket publicly readable. 4 00:00:13,366 --> 00:00:16,448 So here we are back at the AWS console. 5 00:00:16,448 --> 00:00:20,274 I'm in the S3 service with all of my buckets listed. 6 00:00:20,274 --> 00:00:22,454 I'm going to click through 7 00:00:22,454 --> 00:00:25,603 to the bucket that we've created for these demos. 8 00:00:25,603 --> 00:00:28,529 You can see that we have our AWS live lessons bucket. 9 00:00:28,529 --> 00:00:32,696 We have our mobile device jpg object that we've uploaded 10 00:00:34,491 --> 00:00:36,408 and if I click on that, 11 00:00:37,979 --> 00:00:40,299 and take a look at this link here, 12 00:00:40,299 --> 00:00:43,988 we'll see that it comes up as access denied. 13 00:00:43,988 --> 00:00:47,633 That's because by default S3 is secure by default. 14 00:00:47,633 --> 00:00:50,332 You have explicitly grant permission 15 00:00:50,332 --> 00:00:54,814 for someone to be able to read objects from that bucket. 16 00:00:54,814 --> 00:00:58,191 And so we could modify the permissions 17 00:00:58,191 --> 00:01:01,536 of that particular object using ACLs, 18 00:01:01,536 --> 00:01:04,757 but if we wanna just make a blanket statement 19 00:01:04,757 --> 00:01:07,707 and say that everything in this particular bucket 20 00:01:07,707 --> 00:01:09,123 is publicly readable, 21 00:01:09,123 --> 00:01:12,542 then we would do that with a bucket policy. 22 00:01:12,542 --> 00:01:16,390 So I'm going to go in here to the bucket itself, 23 00:01:16,390 --> 00:01:19,967 scroll down here to the permissions of that bucket 24 00:01:19,967 --> 00:01:22,960 and I'm going to add a bucket policy. 25 00:01:22,960 --> 00:01:24,982 Now I've already prepared one for this. 26 00:01:24,982 --> 00:01:26,695 I'm going to paste that in 27 00:01:26,695 --> 00:01:29,080 and again this is just like the policies we've seen. 28 00:01:29,080 --> 00:01:33,713 We have a version, we have our collection of statements. 29 00:01:33,713 --> 00:01:36,325 In this particular case we only have one statement, 30 00:01:36,325 --> 00:01:38,577 the asterisk there, the wildcard says 31 00:01:38,577 --> 00:01:42,380 anyone in the world can download an object 32 00:01:42,380 --> 00:01:46,613 from anywhere within this particular bucket. 33 00:01:46,613 --> 00:01:50,594 So I'm going to go ahead and save that. 34 00:01:50,594 --> 00:01:52,046 Now that it's saved I wanna make sure 35 00:01:52,046 --> 00:01:54,379 that I save this here again. 36 00:01:55,693 --> 00:01:58,300 Come over here and when we refresh this, 37 00:01:58,300 --> 00:02:00,730 we should be able to see that image. 38 00:02:00,730 --> 00:02:01,585 And there we go. 39 00:02:01,585 --> 00:02:03,455 Now we're able to see that image. 40 00:02:03,455 --> 00:02:06,221 This is a really great example too 41 00:02:06,221 --> 00:02:10,388 of using S3 for things like static assets for websites. 42 00:02:11,622 --> 00:02:14,565 If you wanted to host all of your imagery, 43 00:02:14,565 --> 00:02:18,981 your product portfolio, CSS, JavaScript, fonts, 44 00:02:18,981 --> 00:02:20,021 whatever it is, 45 00:02:20,021 --> 00:02:23,186 S3 is a perfect place to store static assets. 46 00:02:23,186 --> 00:02:25,798 That way you can leverage the high availability 47 00:02:25,798 --> 00:02:28,973 and fault-tolerance and performance of S3, 48 00:02:28,973 --> 00:02:31,893 have your users download these objects directly 49 00:02:31,893 --> 00:02:35,091 rather than having them get them from your web server. 50 00:02:35,091 --> 00:02:38,401 You can reduce the load on your backend services 51 00:02:38,401 --> 00:02:41,401 by just pushing that load off to S3. 52 00:02:42,475 --> 00:02:46,642 So that is a bucket policy being applied to a bucket 53 00:02:48,049 --> 00:02:50,799 in Amazon Simple Storage Service.