S3 buckets in Wasabi are created with private access by default. Private access means the bucket contents can be accessed, downloaded, or written by users who have appropriate permissions assigned to them through an IAM policy or access control list (ACL).
An S3 bucket is typically considered public if any user can access the bucket and successfully list its contents. A public bucket will list all of its objects and prefixes to any user who sends a request.
You can confirm that your bucket is private or public by entering the bucket URL in a new browser session. All S3 buckets in Wasabi have a predictable URL, such as:
https://s3.us-east-1.wasabisys.com/[bucket_name]
Or:
https://[bucket_name].s3.us-east-1.wasabisys.com/
These examples show the bucket URL in Wasabi's us-east-1 storage region. Use the appropriate Wasabi service URL as described in Service URLs for Wasabi's Storage Regions.
A private bucket that is NOT open to public access through the Internet will return an Access Denied message:
A public bucket will return the first 1000 stored objects. For example:
