AWS S3 Hands-On Project | Buckets, Versioning, Permissions and Static Website Hosting
Introduction
In the previous article, we learned the theory behind Amazon S3.
Now it is time to see Amazon S3 in action.
In this hands-on project we will:
Create an S3 bucket
Upload files
Understand Objects inside S3.
Enable Bucket Versioning
Create IAM User
Control access using Bucket Policies
Host a static Website using S3.
By the end of this article, we will understand some of the most commonly used Amazon S3 features.
Step 1: Create an S3 Bucket
Login to AWS Console.
Search for S3.
Open the dashboard.
Click on Create Bucket
Provide:
- Bucket Name: Give your bucket a name, for example:
my-learning-notes-example
Bucket names must be globally unique.
For now leave rest all remaining as default.
Click on "Create Bucket"
Step 2: Explore the Bucket
Open the bucket you just created.
Initially, you will notice Objects (0), because the bucket is empty.
Think of a bucket as a folder that stores files.
Step 3: Upload your first Object
- Click on Upload
Then Add files.
Choose any file.
Click on Upload
After the upload finishes, you will see the file inside the bucket.
In Amazon S3, every uploaded file is called an Object.
Now if you see in the bucket, you will notice Object is not Zero anymore. Because we have just uploaded a file.
Step 4: Explore Object Options
Click on the uploaded Object.
Explore the options like:
- Open: Select the file you have created and click on Open option. It will open the file and give you what is written inside the file.
- Download: Select the file and click on download, it will download the file for you.
- Likewise if you select the Delete option, it will ask you to confirm the delete file and then it will proceed to delete the file.
This helps you understand how S3 manages objects.
Step 5: Enable Bucket Versioning
Suppose you upload demo-learning-s3.txt
Later, you modify the file and upload it again.
Without versioning, the old file is overwritten.
Versioning allows you to preserve previous versions.
Go to Bucket → Properties
Scroll to Bucket Versioning
Click on Edit.
Choose Enable.
Click on save changes.
Now if you check the Properties, you can see that the versioning is enabled.
Step 6: Upload a New Version
Now modify your file. For example
Before:
AWS S3 Notes version 1
After:
AWS S3 notes version 2
Upload the file again using the same filename.
Now open the Object.
Click on Versions
You can see multiple versions.
This is similar to maintaining history in Git.
Step 7: Create an IAM User
In AWS Console, search for IAM.
Go to IAM Users -> Create User.
Give a name: demo-s3-user
Assign a password.
Click on Create User.
Step 8: Verify Permissions
Open an Incognito browser.
Login using the IAM user credentials.
Try accessing the Amazon S3 bucket. Try creating a bucket.
Initially, you will receive permission errors.
This happens because the user has no S3 permissions.
Step 9: Grant S3 Permissions
Login as root/Admin user.
Open IAM -> IAM Users -> demo-s3-user
Click on Add Permissions
Attach AmazonS3FullAccess.
Click on Save.
Now refresh the IAM user session.
The demo-s3-user can now access S3.
Step 10: Explore Bucket Permissions
Open:
S3 → Bucket → Permissions
You will notice:
Bucket Policies
Block Public Access
Access Control
These settings provide an additional security layer.
Even if IAM permissions are accidentally misconfigured, Bucket Policies can still protect your bucket.
Step 11: Enable Static Website Hosting
Create a simple index.html file.
Upload this file to your bucket.
Now go to:
Bucket → Properties
Scroll to Static Website Hosting.
Click on Edit.
Enable Static Website Hosting.
Index Document: index.html
Click on Save Changes.
AWS will generate a website endpoint.
Try accessing the website end-point URL. You will notice that, you cannot access it even if you have S3 full access.
Because there are still permissions from S3 that are blocking you.
Step 12: Remove Public Access Block
Go to Permissions
Locate Block Public Access.
Click on Edit.
Edit the settings and disable public access.
Confirm the warning.
When you try to access the URL again, you still see the access is blocked and gives "403 Forbidden" error.
Although the website hosting feature is enabled, the files inside the bucket are still private.
AWS requires explicit permission before users on the internet can read objects inside an S3 bucket.
To solve this, we need to create a Bucket Policy.
Step 13: Add Bucket Policy for Public Read
Go to
Permissions → Bucket Policy → Edit
Here click on Add new statement
Then you will see a template like this:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Statement1",
"Principal": {},
"Effect": "Allow",
"Action": [],
"Resource": []
}
]
}
We need to fill these values.
Let us first try to understand the fields.
Sid: It is name used to identify the policy statement.
"Sid": "PublicReadGetObject"
Principal: Defines who the rule applies to.
"Principal": "*"
The "*" means anyone on the internet.
Effect: Specifies whether AWS should allow or deny the action.
"Effect": "Allow"
Action: Defines which permission we are granting.
"Action": "s3:GetObject"
This allows users to read objects inside the bucket.
Resource: Specifies which bucket objects the rules applies to. For example:
"Resource": "arn:aws:s3:::YOUR_BUCKET_NAME/*"
Replace YOUR_BUCKET_NAME with your actual bucket name.
The "/*" means apply this rule to all objects inside the bucket.
My bucket name is: my-learning-notes-example
Then the policy becomes:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Statement1",
"Principal": "*",
"Effect": "Allow",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::my-learning-notes-example/*"
}
]
}
Click on Save Changes.
> Note: Replace my-learning-notes-example with your own bucket name.
Step 14: Access the Website
Now go back to:
Bucket → Properties
Scroll down to Static Website Hosting.
Copy the Bucket Website Endpoint URL and paste it in a browser.
Now instead of receiving the 403 Forbidden error, your webpage should load successfully.
You should now see:
Congratulations 🎉
You have successfully hosted your first static website using Amazon S3.
Key Takeaways
In this hands-on project, we learned how to:
✅ Create an S3 bucket
✅ Upload objects
✅ Understand bucket and object concepts
✅ Enable versioning
✅ Create IAM users
✅ Understand permissions
✅ Explore bucket policies
✅ Host a static website
What's Next?
In the next article, we will explore another important AWS service and continue building our cloud learning journey.