By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

download restricted s3 bucket object

0

Can S3 bucket objects or images be prevented from being downloaded through a web browser?"

Topics
Storage
Tags
Amazon Simple Storage Service
Language
English
Kamrul
asked 8 months ago288 views
1 Answer
0

I don't think so.

The only way to deny download is by denying the s3:GetObject action either on IAM Policies or S3 Bucket Policies.

You can then deny for specific user, group or role through IAM Policies by simpling attaching the policy to the identity you want to or in S3 Bucket Policies using the "Principal" keyword. You can yet combine these with specific conditions and deny only for a principal under specific conditions, but there is not a condition which evaluates if the operation is performed through console or cli or sdk or the API.

Check here for all s3 available conditions.

You could deny every identity which has console access from downloading files and provide them with a role to for them to use to donwload through CLI or SDK.

Hope this helps you, let me me know if I can still help.

Arthur Lopes
answered 8 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content