How to make specific file types public using bucket policies?

This guide will show how to create a bucket policy that will allow certain file types within your bucket to be available publicly, while still maintaining security for other file types that may be present in your bucket.

To accomplish this, we can create a bucket policy targeting the specific file types that you wish to be public via a wildcard in the "Resource" ARN. For this example, we will allow both "jpg" and "png" files to be public in our bucket "examplebucket". It is important to note that objects and policies in your bucket are case-sensitive, so the below policy will work to make the object "test.jpg" public, but it will NOT make "test.JPG" public (unless "*.JPG" is added as a valid resource within the policy too):

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowPublicFileTypes",
      "Effect": "Allow",
      "Principal": {
        "AWS": "*"
      },
      "Action": "s3:*",
      "Resource": [
        "arn:aws:s3:::examplebucket/*.jpg",
        "arn:aws:s3:::examplebucket/*.png"
      ]
    }
  ]
}

To apply this policy, go to your bucket settings, then to the "Policies" tab, paste in the policy, and ensure that you have modified the above text to reflect the correct "Resource" ARN for YOUR bucket name. Once saved, any matched resource file types will be available to the public.

If there are any questions about this implementation, please e-mail Support at support@wasabi.com for help.

Note: Wasabi has changed its default policy of allowing the ability to set public use of an object or bucket by default for paid accounts. By default, public use of a bucket, folder, or file is allowed only by certain paid (not trial) accounts. Please see Change in Ability to configure PUBLIC Access to objects and buckets for more details.