How to restrict access to a bucket to specific IP address?
    • 14 Dec 2023
    • 1 Minute to read
    • PDF

    How to restrict access to a bucket to specific IP address?

    • PDF

    Article summary

    You can restrict access to objects in your bucket to specific IP address by attaching policy which contains allowed IP address range in the "Condition" statement.

    Below is a sample example of a policy which restricts access to two IP addresses.

    • 179.22.0.0/16 restricts all IP address within the /16 subnet &

    • 129.34.67.24/32 restricts just that specific IP address

    {
      "Id": "Policy1512590315712",
      "Version": "2012-10-17",
      "Statement": [
        {
          "Sid": "Stmt1512590314407",
          "Effect": "Deny",
          "Principal": {
            "AWS": "*"
          },
          "Action": "*",
          "Resource": [
            "arn:aws:s3:::my-bucket",
            "arn:aws:s3:::my-bucket/*"
          ],
          "Condition": {
            "NotIpAddress": {
              "aws:SourceIp": ["179.22.0.0/16","129.34.67.24/32"]
            }
          }
        }
      ]
    }


    ESC

    Eddy AI, facilitating knowledge discovery through conversational intelligence