I understand your use case and I've previously answered this question for CloudFormation/CDK here.
It'd be a two-step process via s3api; here is how you would do it (my CLI is set up for us-east-1 and I created the bucket in us-east-2):
aws s3api create-bucket --bucket <mybucket> --region us-east-1 --create-bucket-configuration LocationConstraint="us-east-2" --object-ownership BucketOwnerPreferred --profile <cli_profile>
aws s3api delete-public-access-block --bucket <mybucket> --profile <cli_profile>
Refer: Create Bucket API
Hope it helps.
Comment here if you have additional questions, happy to help.
Abhishek
As stated in the documentation you provided:
S3 Block Public Access - If your specific use case requires granting public access to your S3 resources, you can disable Block Public Access. You can create a new bucket with Block Public Access enabled, then separately call the DeletePublicAccessBlock API. To use this operation, you must have the s3:PutBucketPublicAccessBlock permission. By default, all Block Public Access settings are enabled for new buckets. To avoid inadvertent exposure of your resources, we recommend keeping the S3 Block Public Access settings enabled. For more information about S3 Block Public Access, see Blocking public access to your Amazon S3 storage in the Amazon S3 User Guide.
You must first create the bucket and then disable the Block Public Access Configuration.
Be aware that you can grant public access to the whole bucket without even enabling ACLs. And it's the recommended way.
Hope this answers your question. If I can still help somehow, let me know.
"You must first create the bucket and then disable the Block Public Access Configuration." First of all, thanks for your answer. As I understand from your answer, then I conclude that we cannot use the --acl public-read/write command when creating an s3 bucket under default conditions. Am I right?
Yes, I also got to that conclusion. This option of the command might be removed or changed somehow in the future.
"Be aware that you can grant public access to the whole bucket without even enabling ACLs. And it's the recommended way."
How????
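An added example, not part of any answer or comment above, of one way to grant public read without ACLs. It assumes the ACL-free route means a bucket policy, and it narrows the second step of the thread: instead of deleting the whole Block Public Access configuration, it turns off only the two policy-related settings and leaves the two ACL-related ones on. The function names, the prefix scoping and all argument values are assumptions of this example.

```shell
# Added example: public read through a bucket policy, ACL blocks left on.
# Bucket, prefix and profile are caller-supplied placeholders.

# Print a policy that lets anyone read objects under one prefix only.
# Rejects input that could break out of the JSON string.
public_read_policy() {
  case "$1" in
    ""|*[!a-z0-9.-]*) echo "invalid bucket name" >&2; return 1 ;;
  esac
  case "$2" in
    *[!A-Za-z0-9/_.-]*) echo "invalid prefix" >&2; return 1 ;;
  esac
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [{
    "Sid": "PublicReadPrefix",
    "Effect": "Allow",
    "Principal": "*",
    "Action": "s3:GetObject",
    "Resource": "arn:aws:s3:::${1}/${2}*"
  }]
}
EOF
}

# Block Public Access settings for a policy-only grant: public ACLs stay
# blocked and ignored, only public bucket policies are allowed.
pab_policy_only() {
  echo "BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=false,RestrictPublicBuckets=false"
}

# Usage: apply_public_read <bucket> <prefix> <cli_profile>
# Relaxes the two policy settings, attaches the policy, then prints
# whether S3 now evaluates the bucket policy as public.
apply_public_read() {
  policy="$(public_read_policy "$1" "$2")" || return 1
  aws s3api put-public-access-block --bucket "$1" \
    --public-access-block-configuration "$(pab_policy_only)" --profile "$3" &&
  aws s3api put-bucket-policy --bucket "$1" --policy "$policy" --profile "$3" &&
  aws s3api get-bucket-policy-status --bucket "$1" \
    --query PolicyStatus.IsPublic --profile "$3"
}
```

Account-level Block Public Access settings, if enabled, still override the bucket-level ones set here.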