How to create a bucket with Public Read Access?

Question

I´d like to enable Public Read-Access on all items in my Bucket that are in the \"public\" folder in the serverless.yml file.

Currently this is definition code i use

Answer 1

As the others have said, you need to implement a Bucket Policy such as this one:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "PublicReadForGetBucketObjects",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::{NAME_OF_YOUR_BUCKET_HERE}/*"
        }
    ]
} 

This can be done in the AWS console by selecting the Bucket, then Permissions, then Bucket Policy. Looks like @Milan C. is indicating how to declare this in a serverless.yml file.

Answer 2

Instead of using CorsConfiguration on the bucket, you need to attach a bucket policy to it. Try the following:

Resources:
  AttachmentsBucket:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: range-picker-bucket-${self:custom.stage}

  AttachmentsBucketAllowPublicReadPolicy:
    Type: AWS::S3::BucketPolicy
    Properties:
      Bucket: !Ref AttachmentsBucket
      PolicyDocument:
        Version: "2012-10-17"
        Statement: 
          - Effect: Allow
            Action: 
              - "s3:GetObject"
            Resource: 
              - !Join ['/', [!Ref AttachmentsBucket, 'public']]
            Principal: "*"