I am managing the image in S3, but I want to limit the IP and allow access only from my server, but when I put the IP in the condition of the configuration, 403 is returned and I cannot access it.If you remove the condition, it will appear.
Could you tell me specifically how to set it up, where to check it, and (if any) the necessary commands?
Thank you for your cooperation.
{
"Version": "2012-10-17",
"Id": "Policy 1527266936788",
"Statement": [
{
"Sid": "Stmt 11111111,
"Effect": "Allow",
"Principal": "*",
"Action": "s3:*",
"Resource": "arn:aws:s3::xxxxx/*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "xx.xx.xxx.xxx/24"
}
}
}
]
}
Limiting access to a specific IP address is also an example, and the scope described in the questionnaire should not be a problem.One thing that bothered me was that it was not mentioned in the questionnaire.In the description of the IP address condition operator ,
The IP address condition operator allows you to build a Condition element that restricts access based on a comparison between a key and an IPv4 or IPv6 address or range of IP addresses. Use them in conjunction with the aws:SourceIp key.The value must be in standard CIDR format (for example, 203.0.113.0/24 or 2001:DB8:1234:5678::/64).
Yes, "xx.xx.xxx.xxx/24"
is hidden, but if it is a 24-bit CIDR, it must be "xx.xx.xxx.0/24"
.Are you configuring a standard CIDR format?
© 2024 OneMinuteCode. All rights reserved.