Amazon S3 Restricting Access to some Specific HTTP Referrer
Go to links like this:
https://s3.console.aws.amazon.com/s3/buckets/tutorialspots/?region=us-east-1&tab=permissions
Then click Bucket Policy
Content:
{
"Version": "2012-10-17",
"Id": "http referer policy example",
"Statement": [
{
"Sid": "Explicit deny to ensure requests are allowed only from specific referer.",
"Effect": "Deny",
"Principal": "*",
"Action": "s3:*",
"Resource": "arn:aws:s3:::tutorialspots/*",
"Condition": {
"StringNotLike": {
"aws:Referer": [
"https://tutorialspots.com*",
"https://tutorialspots.net*",
"https://s3.amazonaws.com/tutorialspots*",
"https://tutorialspots.s3.amazonaws.com*"
]
}
}
}
]
}
Then click Save
Done!
Update: 06/21/2022
Public Bucket Policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Public Bucket Policy",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::tutorialspots/*"
}
]
}
Combine with above policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Public Bucket Policy",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::tutorialspots/*"
},
{
"Sid": "Explicit deny to ensure requests are allowed only from specific referer.",
"Effect": "Deny",
"Principal": "*",
"Action": "s3:*",
"Resource": "arn:aws:s3:::tutorialspots/*",
"Condition": {
"StringNotLike": {
"aws:Referer": [
"https://tutorialspots.com*",
"https://tutorialspots.net*",
"https://s3.amazonaws.com/tutorialspots*",
"https://tutorialspots.s3.amazonaws.com*"
]
}
}
}
]
}
