Most votes on amazon-web-services questions 2

Most votes on amazon-web-services questions 2. #11 Can an AWS Lambda function call another #12 How to safely upgrade an Amazon EC2 instance from t1.micro to large? #13 Permission denied (publickey) when SSH Access to Amazon EC2 instance #14 AWS EFS vs EBS vs S3 (differences & when to use?) #15 Connect to Amazon EC2 file directory using Filezilla and SFTP #16 Difference between Amazon EC2 and AWS Elastic Beanstalk #17 SSH to Elastic Beanstalk instance #18 EC2 instance has no public DNS #19 How do you add swap to an EC2 instance? #20 Make a bucket public in Amazon S3

Read all the top votes questions and answers in a single page.

#11: Can an AWS Lambda function call another (Score: 367)

Created: 2015-07-30 Last updated: 2016-05-06

Tags: node.js, amazon-web-services, aws-lambda, aws-api-gateway

I have 2 Lambda functions - one that produces a quote and one that turns a quote into an order. I’d like the Order lambda function to call the Quote function to regenerate the quote, rather than just receive it from an untrusted client.

I’ve looked everywhere I can think of - but can’t see how I’d go about chaining or calling the functions…surely this exists!

#11 Best answer 1 of Can an AWS Lambda function call another (Score: 407)

Created: 2015-07-31

I found a way using the aws-sdk.

var aws = require('aws-sdk');
var lambda = new aws.Lambda({
  region: 'us-west-2' //change to your region

  FunctionName: 'name_of_your_lambda_function',
  Payload: JSON.stringify(event, null, 2) // pass params
}, function(error, data) {
  if (error) {
    context.done('error', error);

You can find the doc here:

#11 Best answer 2 of Can an AWS Lambda function call another(Score: 126)

Created: 2015-07-30 Last updated: 2016-07-04

You should chain your Lambda functions via SNS. This approach provides good performance, latency and scalability for minimal effort.

Your first Lambda publishes messages to your SNS Topic and the second Lambda is subscribed to this topic. As soon as messages arrive in the topic, second Lambda gets executed with the message as it’s input parameter.

See Invoking Lambda functions using Amazon SNS notifications.

You can also use this approach to Invoke cross-account Lambda functions via SNS.

See also original question in stackoverflow

#12: How to safely upgrade an Amazon EC2 instance from t1.micro to large? (Score: 355)

Created: 2011-05-05 Last updated: 2012-05-21

Tags: amazon-ec2, amazon-web-services, upgrade

I have an Amazon EC2 micro instance (t1.micro). I want to upgrade this instance to large. This is our production environment, so what is the best and risk-free way to do this?

Is there any step by step guide to do this?

#12 Best answer 1 of How to safely upgrade an Amazon EC2 instance from t1.micro to large? (Score: 520)

Created: 2011-11-23

Using AWS Management Console:

  • Right-Click on the instance
  • Instance Lifecycle > Stop
  • Wait…
  • Instance Management > Change Instance Type

#12 Best answer 2 of How to safely upgrade an Amazon EC2 instance from t1.micro to large?(Score: 305)

Created: 2011-05-05 Last updated: 2012-07-29

From my experience, the way I do it is create a snapshot of your current image, then once its done you’ll see it as an option when launching new instances. Simply launch it as a large instance at that point.

This is my approach if I do not want any downtime(i.e. production server) because this solution only takes a server offline only after the new one is up and running(I also use it to add new machines to my clusters by using this approach to only add new machines). If Downtime is acceptable then see Marcel Castilho’s answer.

See also original question in stackoverflow

#13: Permission denied (publickey) when SSH Access to Amazon EC2 instance (Score: 355)

Created: 2013-08-31 Last updated: 2016-11-12

Tags: amazon-web-services, ssh, amazon-ec2

I want to use my Amazon ec2 instance but faced the following error:

Permission denied (publickey).

I have created my key pair and downloaded .pem file.


chmod  600 pem file.

Then, this command

ssh -i /home/kashif/serverkey.pem  [email protected]

But have this error:

Permission denied (publickey)

Also, how can I connect with filezilla to upload/download files?

#13 Best answer 1 of Permission denied (publickey) when SSH Access to Amazon EC2 instance (Score: 589)

Created: 2013-08-31 Last updated: 2015-05-27

This error message means you failed to authenticate.

These are common reasons that can cause that:

  1. Trying to connect with the wrong key. Are you sure this instance is using this keypair?
  2. Trying to connect with the wrong username. ubuntu is the username for the ubuntu based AWS distribution, but on some others it’s ec2-user (or admin on some Debians, according to Bogdan Kulbida’s answer)(can also be root, fedora, see below)
  3. Trying to connect the wrong host. Is that the right host you are trying to log in to?

Note that 1. will also happen if you have messed up the /home/<username>/.ssh/authorized_keys file on your EC2 instance.

About 2., the information about which username you should use is often lacking from the AMI Image description. But you can find some in AWS EC2 documentation, bullet point 4. :

Use the ssh command to connect to the instance. You’ll specify the private key (.pem) file and [email protected]_dns_name. For Amazon Linux, the user name is ec2-user. For RHEL5, the user name is either root or ec2-user. For Ubuntu, the user name is ubuntu. For Fedora, the user name is either fedora or ec2-user. For SUSE Linux, the user name is root. Otherwise, if ec2-user and root don’t work, check with your AMI provider.

Finally, be aware that there are many other reasons why authentication would fail. SSH is usually pretty explicit about what went wrong if you care to add the -v option to your SSH command and read the output, as explained in many other answers to this question.

#13 Best answer 2 of Permission denied (publickey) when SSH Access to Amazon EC2 instance(Score: 48)

Created: 2013-12-12 Last updated: 2014-03-12

In this case the problem arises from lost Key Pair. About this:

  • There’s no way to change Key Pair on an instance. You have to create a new instance that uses a new Key Pair.
  • You can work around the problem if your instance is used by an application on Elastic Beanstalk.

You can follow these steps:

  1. Access to AWS Management Console
  2. Open Elastic Beanstalk Tab
  3. Select your application from All Applications Tab
  4. From left side menù select Configuration
  5. Click on the Instances Gear
  6. In Server Form check the EC2 Key Pair input and select your new Key Pair. You may have to refresh the list in order to see a new Key Pair you’re just created.
  7. Save
  8. Elastic Beanstalk will create for you new instances associated with the new key pair.

In general, remember you have to allow your EC2 instance to accept inbound SSH traffic.

To do this, you have to create a specific rule for the Security Group of your EC2 instance. You can follow these steps.

  1. Access to AWS Management Console
  2. Open EC2 Tab
  3. From Instances list select the instance you are interested in
  4. In the Description Tab chek the name of the Security Group your instance is using.
  5. Again in Description Tab click on View rules and check if your Security Group has a rule for inbound ssh traffic on port 22
  6. If not, in Network & Security menù select Security Group
  7. Select the Security Group used by your instance and the click Inbound Tab
  8. On the left of Inbound Tab you can compose a rule for SSH inbound traffic:
  • Create a new rule: SSH
  • Source: IP address or subnetwork from which you want access to instance
  • Note: If you want grant unlimited access to your instance you can specify, although Amazon not recommend this practice
  1. Click Add Rule and then Apply Your Changes
  2. Check if you’re now able to connect to your instance via SSH.

Hope this can help someone as helped me.

See also original question in stackoverflow

#14: AWS EFS vs EBS vs S3 (differences & when to use?) (Score: 349)

Created: 2015-04-11 Last updated: 2020-12-16

Tags: amazon-web-services, amazon-s3, storage, amazon-ebs, amazon-efs

As per the title of this question, what are the practical differences between AWS EFS, EBS and S3?

My understanding of each:

  • S3 is a storage facility accessible any where
  • EBS is a device you can mount onto EC2
  • EFS is a file system you can mount onto EC2

So why would I use EBS over EFS? Seem like they have the same use cases but minor semantic differences? Although EFS is replicated across AZs where as EBS is just a mounted device. I guess my understanding of EBS is lacking hence I’m unable to distinguish.

Why choose S3 over EFS? They both store files, scale and are replicated. I guess with S3 you have to use the SDK where as with EFS being a file system you can you standard I/O methods from your programming language of choice to create files. But is that the only real difference?

#14 Best answer 1 of AWS EFS vs EBS vs S3 (differences & when to use?) (Score: 495)

Created: 2015-04-11 Last updated: 2017-11-16

One word answer: MONEY :D

1 GB to store in US-East-1: (Updated at 2016.dec.20)

  • Glacier: $0.004/Month (Note: Major price cut in 2016)
  • S3: $0.023/Month
  • S3-IA (announced in 2015.09): $0.0125/Month (+$0.01/gig retrieval charge)
  • EBS: $0.045-0.1/Month (depends on speed - SSD or not) + IOPS costs
  • EFS: $0.3/Month

Further storage options, which may be used for temporary storing data while/before processing it:

  • SNS
  • SQS
  • Kinesis stream
  • DynamoDB, SimpleDB

The costs above are just samples. There can be differences by region, and it can change at any point. Also there are extra costs for data transfer (out to the internet). However they show a ratio between the prices of the services.

There are a lot more differences between these services:

EFS is:

  • Generally Available (out of preview), but may not yet be available in your region
  • Network filesystem (that means it may have bigger latency but it can be shared across several instances; even between regions)
  • It is expensive compared to EBS (~10x more) but it gives extra features.
  • It’s a highly available service.
  • It’s a managed service
  • You can attach the EFS storage to an EC2 Instance
  • Can be accessed by multiple EC2 instances simultaneously
  • Since 2016.dec.20 it’s possible to attach your EFS storage directly to on-premise servers via Direct Connect. ()

EBS is:

  • A block storage (so you need to format it). This means you are able to choose which type of file system you want.
  • As it’s a block storage, you can use Raid 1 (or 0 or 10) with multiple block storages
  • It is really fast
  • It is relatively cheap
  • With the new announcements from Amazon, you can store up to 16TB data per storage on SSD-s.
  • You can snapshot an EBS (while it’s still running) for backup reasons
  • But it only exists in a particular region. Although you can migrate it to another region, you cannot just access it across regions (only if you share it via the EC2; but that means you have a file server)
  • You need an EC2 instance to attach it to
  • New feature (2017.Feb.15): You can now increase volume size, adjust performance, or change the volume type while the volume is in use. You can continue to use your application while the change takes effect.

S3 is:

  • An object store (not a file system).
  • You can store files and “folders” but can’t have locks, permissions etc like you would with a traditional file system
  • This means, by default you can’t just mount S3 and use it as your webserver
  • But it’s perfect for storing your images and videos for your website
  • Great for short term archiving (e.g. a few weeks). It’s good for long term archiving too, but Glacier is more cost efficient.
  • Great for storing logs
  • You can access the data from every region (extra costs may apply)
  • Highly Available, Redundant. Basically data loss is not possible (99.999999999% durability, 99.9 uptime SLA)
  • Much cheaper than EBS.
  • You can serve the content directly to the internet, you can even have a full (static) website working direct from S3, without an EC2 instance

Glacier is:

  • Long term archive storage
  • Extremely cheap to store
  • Potentially very expensive to retrieve
  • Takes up to 4 hours to “read back” your data (so only store items you know you won’t need to retrieve for a long time)

As it got mentioned in JDL’s comment, there are several interesting aspects in terms of pricing. For example Glacier, S3, EFS allocates the storage for you based on your usage, while at EBS you need to predefine the allocated storage. Which means, you need to over estimate. ( However it’s easy to add more storage to your EBS volumes, it requires some engineering, which means you always “overpay” your EBS storage, which makes it even more expensive.)

Source: AWS Storage Update – New Lower Cost S3 Storage Option & Glacier Price Reduction

#14 Best answer 2 of AWS EFS vs EBS vs S3 (differences & when to use?)(Score: 115)

Created: 2015-09-04 Last updated: 2020-05-08

I wonder why people are not highlighting the MOST compelling reason in favor of EFS. EFS can be mounted on more than one EC2 instance at the same time, enabling access to files on EFS at the same time.

(Edit 2020 May, EBS supports mounting to multiple EC2 at same time now as well, see:

See also original question in stackoverflow

#15: Connect to Amazon EC2 file directory using Filezilla and SFTP (Score: 348)

Created: 2013-05-24

Tags: amazon-web-services, amazon-ec2, filezilla

I have created an AWS EC2 Instance and I want to be able to upload files to the server directory using FileZilla in the simplest and most straightforward fashion possible.

#15 Best answer 1 of Connect to Amazon EC2 file directory using Filezilla and SFTP (Score: 799)

Created: 2013-06-16 Last updated: 2020-02-27

I’ve created a video tutorial for this. Just check:

Connect to Amazon EC2 file directory using FileZilla and SFTP, Video Tutorial

Summary of above video tutorial:

  1. Edit (Preferences) > Settings > Connection > SFTP, Click “Add key file”

  2. Browse to the location of your .pem file and select it.

  3. A message box will appear asking your permission to convert the file into ppk format. Click Yes, then give the file a name and store it somewhere.

  4. If the new file is shown in the list of Keyfiles, then continue to the next step. If not, then click “Add keyfile…” and select the converted file.

  5. File > Site Manager Add a new site with the following parameters:

    Host: Your public DNS name of your EC2 instance, or the public IP address of the server.

    Protocol: SFTP

    Logon Type: Normal

    User: From the docs: “For Amazon Linux, the default user name is ec2-user. For RHEL5, the user name is often root but might be ec2-user. For Ubuntu, the user name is ubuntu. For SUSE Linux, the user name is root. For Debian, the user name is admin. Otherwise, check with your AMI provider.”

    Press Connect Button - If saving of passwords has been disabled, you will be prompted that the logon type will be changed to ‘Ask for password’. Say ‘OK’ and when connecting, at the password prompt push ‘OK’ without entering a password to proceed past the dialog.

    Note: FileZilla automatically figures out which key to use. You do not need to specify the key after importing it as described above.

If you use Cyberduck follow this.

Check this post if you have any permission issues.

#15 Best answer 2 of Connect to Amazon EC2 file directory using Filezilla and SFTP(Score: 49)

Created: 2018-03-01 Last updated: 2019-04-17

This is very simple if you used your pem file ( I am using MacOS / windows user can follow the same steps.)

  1. Just download your FileZilla (I’m using MacOS - and downloaded free version, that’s good enough)

  2. Open Site Manager in FileZilla (⌘S) -> New Site

enter image description here

  1. Put your host name in the Host field.

Example: eca-**-**-**

  • Select Protocol as SFTP - SSH File Transfer Protocol

  • Select Logon type as Key File

  • Put your user name in the User field : for me it’s ubuntu (find your ssh user)


OS vs Username

Amazon - ec2-user

Centos - centos

Debian - admin or root

Fedora - ec2-user

RHEL - ec2-user or root

SUSE - ec2-user or root

Ubuntu - ubuntu or root

  1. For Key file field, browse your pem file: and click Connect

enter image description here

  1. That’s all :) have fun!


(Remember to allow SSH connection to your IP address from EC2) If not you will get connecting error message!

Note: Allowing your IP to connect your aws instance via SFTP

EC2 -> SecurityGroups -> SSH -> Inbound rules -> Edit -> Add Rule ( SSH|TCP|22|My IP(it’s get ip automatically | name for rule) -> Save

See also original question in stackoverflow

#16: Difference between Amazon EC2 and AWS Elastic Beanstalk (Score: 337)

Created: 2014-09-21 Last updated: 2020-10-19

Tags: amazon-web-services, amazon-ec2, hosting, amazon-elastic-beanstalk

Can someone please explain what is the difference between EC2 and Beanstalk. I want to know regarding SaaS, PaaS and IaaS.

To deploy a web application in Wordpress I need a scalable hosting service. If there anything better than my purpose, please let me know as well.

FYI - I want to host and deploy multiple Wordpress and Drupal sites.

I do not want to give more time for the server and focus on development. But the cloud hosting needs to be auto scalable.

#16 Best answer 1 of Difference between Amazon EC2 and AWS Elastic Beanstalk (Score: 363)

Created: 2014-09-21 Last updated: 2017-04-27

First off, EC2 and Elastic Compute Cloud are the same thing.

Next, AWS encompasses the range of Web Services that includes EC2 and Elastic Beanstalk. It also includes many others such as S3, RDS, DynamoDB, and all the others.


EC2 is Amazon’s service that allows you to create a server (AWS calls these instances) in the AWS cloud. You pay by the hour and only what you use. You can do whatever you want with this instance as well as launch n number of instances.

Elastic Beanstalk

Elastic Beanstalk is one layer of abstraction away from the EC2 layer. Elastic Beanstalk will setup an “environment” for you that can contain a number of EC2 instances, an optional database, as well as a few other AWS components such as a Elastic Load Balancer, Auto-Scaling Group, Security Group. Then Elastic Beanstalk will manage these items for you whenever you want to update your software running in AWS. Elastic Beanstalk doesn’t add any cost on top of these resources that it creates for you. If you have 10 hours of EC2 usage, then all you pay is 10 compute hours.

Running Wordpress

For running Wordpress, it is whatever you are most comfortable with. You could run it straight on a single EC2 instance, you could use a solution from the AWS Marketplace, or you could use Elastic Beanstalk.

What to pick?

In the case that you want to reduce system operations and just focus on the website, then Elastic Beanstalk would be the best choice for that. Elastic Beanstalk supports a PHP stack (as well as others). You can keep your site in version control and easily deploy to your environment whenever you make changes. It will also setup an Autoscaling group which can spawn up more EC2 instances if traffic is growing.

Here’s the first result off of Google when searching for “elastic beanstalk wordpress”:

#16 Best answer 2 of Difference between Amazon EC2 and AWS Elastic Beanstalk(Score: 3)

Created: 2021-04-15 Last updated: 2021-04-15

It’s the difference between Infrastructure as a Service (EC2) and Platform as a Service (Elastic Beanstalk).

With PaaS, you typically only manage an application and its data. With IaaS, you also manage the runtime environment for the application and the Operating System on which that environment runs.

With IaaS, you’re also much more involved in low-level decisions around network configuration, load balancing, and other ‘infrastructure’ components. In PaaS, these are abstracted away from you. For example, with PaaS, the decision to include load balancing is typically a checkbox (and not even that in some cases where it’s the default). With IaaS, you would have to configure and spin up these components yourself, connect them together, and manage them, by elasticsearch course

At the risk of grossly simplifying things, if you have a few developers and no sysadmins then you’d typically prefer PaaS. If you also have sysadmins then you might prefer IaaS as it gives you more choices, more granularity of control, and is likely to be cheaper.

In the diagram below, you manage the layers in teal while the service provider (AWS in this case) manages the layers in orange.

See also original question in stackoverflow

#17: SSH to Elastic Beanstalk instance (Score: 326)

Created: 2011-01-20 Last updated: 2018-11-01

Tags: amazon-web-services, amazon-ec2, ssh, amazon-elastic-beanstalk

I just signed up for Amazon’s new Elastic Beanstalk offering. What I can’t figure out is how to SSH to a Beanstalk instance. I don’t have a private key because Beanstalk generated the instance on my behalf.

#17 Best answer 1 of SSH to Elastic Beanstalk instance (Score: 538)

Created: 2011-02-07 Last updated: 2020-12-17

I found it to be a 2-step process. This assumes that you’ve already set up a keypair to access EC2 instances in the relevant region.

Configure Security Group

  1. In the AWS console, open the EC2 tab.

  2. Select the relevant region and click on Security Group.

  3. You should have an elasticbeanstalk-default security group if you have launched an Elastic Beanstalk instance in that region.

  4. Edit the security group to add a rule for SSH access. The below will lock it down to only allow ingress from a specific IP address.

    SSH | tcp | 22 | 22 |

Configure the environment of your Elastic Beanstalk Application

  1. If you haven’t made a key pair yet, make one by clicking Key Pairs below Security Group in the ec2 tab.
  2. In the AWS console, open the Elastic Beanstalk tab.
  3. Select the relevant region.
  4. Select relevant Environment
  5. Select Configurations in left pane.
  6. Select Security.
  7. Under “EC2 key pair:”, select the name of your keypair in the Existing Key Pair field.

If after these steps you see that the Health is set Degraded

enter image description here

that’s normal and it just means that the EC2 instance is being updated. Just wait on a few seconds it’ll be Ok again

enter image description here

Once the instance has relaunched, you need to get the host name from the AWS Console EC2 instances tab, or via the API. You should then be able to ssh onto the server.

$ ssh -i path/to/ [email protected]

Note: For adding a keypair to the environment configuration, the instances' termination protection must be off as Beanstalk would try to terminate the current instances and start new instances with the KeyPair.

Note: If something is not working, check the “Events” tab in the Beanstalk application / environments and find out what went wrong.

#17 Best answer 2 of SSH to Elastic Beanstalk instance(Score: 138)

Created: 2014-12-24 Last updated: 2016-05-26

Elastic beanstalk CLI v3 now supports direct SSH with the command eb ssh. E.g.

eb ssh your-environment-name

No need for all the hassle of setting up security groups of finding out the EC2 instance address.

There’s also this cool trick:

eb ssh --force

That’ll temporarily force port 22 open to, and keep it open until you exit. This blends a bit of the benefits of the top answer, without the hassle. You can temporarily grant someone other than you access for debugging and whatnot. Of course you’ll still need to upload their public key to the host for them to have access. Once you do that (and as long as you’re inside eb ssh), the other person can

ssh [email protected]

See also original question in stackoverflow

#18: EC2 instance has no public DNS (Score: 320)

Created: 2014-01-06 Last updated: 2016-03-25

Tags: amazon-web-services, amazon-ec2, amazon-vpc

A guy I work with gave me the EC2 credentials to log onto his EC2 console. I was not the one who set it up. Some of the instances show a public dns name and others have a blank public DNS. I want to be able to connect to the instances that have a blank public DNS. I have not been able to figure out why these show up as blank.

#18 Best answer 1 of EC2 instance has no public DNS (Score: 636)

Created: 2014-10-16 Last updated: 2016-08-26

I had the same problem an solved it. Have a look at the step-by-step instructions:

  • Go to
  • Go To Services -> VPC
  • Open Your VPCs
  • select your VPC connected to your EC2 and
  • select Actions => Edit DNS Hostnames —> Change DNS hostnames: to YES

Hope this helps!


#18 Best answer 2 of EC2 instance has no public DNS(Score: 60)

Created: 2014-06-19

There is a actually a setting in the VPC called “DNS Hostnames”. You can modify the VPC in which the EC2 instance exists, and change this to “Yes”. That should do the trick.

I ran into this issue yesterday and tried the above answer from Manny, which did not work. The VPC setting, however, did work for me.

Ultimately I added an EIP and I use that to connect.

See also original question in stackoverflow

#19: How do you add swap to an EC2 instance? (Score: 309)

Created: 2013-06-18 Last updated: 2017-07-04

Tags: amazon-web-services, amazon-ec2, out-of-memory

I’m currently running an ec2 micro instance and i’ve been finding that the instance occasionally runs out of memory.

Other than using a larger instance size, what else can be done?

#19 Best answer 1 of How do you add swap to an EC2 instance? (Score: 595)

Created: 2013-06-18 Last updated: 2018-05-02

A fix for this problem is to add swap (i.e. paging) space to the instance.

Paging works by creating an area on your hard drive and using it for extra memory, this memory is much slower than normal memory however much more of it is available.

To add this extra space to your instance you type:

sudo /bin/dd if=/dev/zero of=/var/swap.1 bs=1M count=1024
sudo /sbin/mkswap /var/swap.1
sudo chmod 600 /var/swap.1
sudo /sbin/swapon /var/swap.1

If you need more than 1024 then change that to something higher.

To enable it by default after reboot, add this line to /etc/fstab:

/var/swap.1   swap    swap    defaults        0   0

#19 Best answer 2 of How do you add swap to an EC2 instance?(Score: 220)

Created: 2014-03-07 Last updated: 2016-05-05

Swap should take place on the Instance Storage (ephemeral) disk and not an EBS device. Swapping will cause a lot of IO and will increase cost on EBS. EBS is also slower than the Instance Store and the Instance Store comes free with certain types of EC2 Instances.

It will usually be mounted to /mnt but if not run

sudo mount /dev/xvda2 /mnt

To then create a swap file on this device do the following for a 4GB swapfile

sudo dd if=/dev/zero of=/mnt/swapfile bs=1M count=4096

Make sure no other user can view the swap file

sudo chown root:root /mnt/swapfile
sudo chmod 600 /mnt/swapfile

Make and Flag as swap

sudo mkswap /mnt/swapfile
sudo swapon /mnt/swapfile

Add/Make sure the following are in your /etc/fstab

/dev/xvda2      /mnt    auto    defaults,nobootwait,comment=cloudconfig 0	2
/mnt/swapfile swap swap defaults 0 0

lastly enable swap

sudo swapon -a

See also original question in stackoverflow

#20: Make a bucket public in Amazon S3 (Score: 299)

Created: 2010-03-30 Last updated: 2018-07-29

Tags: amazon-web-services, amazon-s3

How can I set a bucket in Amazon S3 so all the files are publicly read-only by default?

#20 Best answer 1 of Make a bucket public in Amazon S3 (Score: 479)

Created: 2011-01-17 Last updated: 2013-08-24

You can set a bucket policy as detailed in this blog post:

As per @robbyt’s suggestion, create a bucket policy with the following JSON:

  "Version": "2008-10-17",
  "Statement": [{
    "Sid": "AllowPublicRead",
    "Effect": "Allow",
    "Principal": { "AWS": "*" },
    "Action": ["s3:GetObject"],
    "Resource": ["arn:aws:s3:::bucket/*" ]

Important: replace bucket in the Resource line with the name of your bucket.

#20 Best answer 2 of Make a bucket public in Amazon S3(Score: 58)

Created: 2012-06-08 Last updated: 2019-03-04

Amazon provides a policy generator tool:

After that, you can enter the policy requirements for the bucket on the AWS console:

See also original question in stackoverflow

  1. This page use API to get the relevant data from stackoverflow community.
  2. Content license on this page is CC BY-SA 3.0.
  3. score = up votes - down votes.