How to setup s3 bucket policy to access to limited IP’S ?

In an AWS environment, securing access to your S3 bucket is paramount to prevent unauthorized access to sensitive data. One way to enhance security is by implementing an S3 bucket policy that restricts access to specific IP addresses. This document provides a step-by-step guide on how to set up an S3 bucket policy to allow access only from certain IP addresses.

1. An AWS account with appropriate permissions to manage S3 buckets.

2. An existing S3 bucket that you want to secure.

3. Knowledge of the IP addresses that need access to the bucket.

1. Login to AWS Account:

Navigate to the AWS Management Console (https://aws.amazon.com/console/) and sign in to your AWS account using valid credentials.

2. Access the S3 Bucket:

Once logged in, locate and select the S3 service from the list of available AWS services.

3. Choose the Desired Bucket:

From the list of buckets, select the specific S3 bucket for which you want to configure the access policy.

4. Navigate to Bucket Permissions:

Within the selected bucket, locate and click on the "Permissions" tab or section.

5. Edit Bucket Policy:

Under the "Permissions" tab, locate the "Bucket Policy" section.

Click on the "Edit bucket policy" button to modify the existing policy or add a new one.

6. Configure the Bucket Policy:

In the policy editor, paste the following policy template:

Use this with the name of your S3 bucket.

Replace "IP_ADDRESS_1", "IP_ADDRESS_2", etc., with the specific IP addresses that should have access to the bucket.

Ensure correct JSON syntax and structure.

7. Save Changes:

After pasting the policy, click on the "Save changes" or "Save" button to apply the new bucket policy.

Copy the URL of a file stored in the S3 bucket.

Try to access/download the file from an IP address included in the policy.

Verify that the connection is successful, and the file can be downloaded.

Attempt to access/download the file from an IP address not included in the policy to ensure access is denied.

Implementing an S3 bucket policy to restrict access based on IP addresses adds an additional layer of security to your AWS resources. By following the steps outlined in this document, you can effectively control and limit access to your S3 buckets, helping to protect your data from unauthorized access.

Note: Always ensure that the IP addresses specified in the policy accurately reflect those that require access to the bucket. Regularly review and update the policy as necessary to maintain a secure environment.