Contents x
      How to restrict access to a bucket to specific IP address?
      • 14 Dec 2023
      • 1 Minute to read
      • Print
      • PDF
      Contents

      How to restrict access to a bucket to specific IP address?

      • Updated on 14 Dec 2023
      • 1 Minute to read
      • Print
      • PDF
      Article summary

      You can restrict access to objects in your bucket to specific IP address by attaching policy which contains allowed IP address range in the "Condition" statement.

      Below is a sample example of a policy which restricts access to two IP addresses.

      • 179.22.0.0/16 restricts all IP address within the /16 subnet &

      • 129.34.67.24/32 restricts just that specific IP address

      {
  "Id": "Policy1512590315712",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1512590314407",
      "Effect": "Deny",
      "Principal": {
        "AWS": "*"
      },
      "Action": "*",
      "Resource": [
        "arn:aws:s3:::my-bucket",
        "arn:aws:s3:::my-bucket/*"
      ],
      "Condition": {
        "NotIpAddress": {
          "aws:SourceIp": ["179.22.0.0/16","129.34.67.24/32"]
        }
      }
    }
  ]
}

      What's Next
      Copyright © 2024 by Wasabi Technologies LLC
      75 Arlington Street, Suite 810, Boston, MA 02116 USA
      All Rights Reserved
      Visit us at https://wasabi.com.
      WASABI and the WASABI logo are trademarks of Wasabi Technologies LLC and may not be used without permission of Wasabi Technologies. All other names are used for identification purposes only and are trademarks or registered trademarks of their respective companies.

      Information presented herein is subject to change without notice. Companies, names, and data used in examples are fictitious unless otherwise noted. No part of this information may be reproduced or transmitted in any form by means electronic or mechanical, for any purpose, without express written permission of Wasabi Technologies.