Make S3 Multi-region access point public

Question

I created a multi-region access point for two buckets, both of which are public. However, when I try to access the objects using the multi-region hostname, I get an XML response stating that the request is invalid. I have checked off all the boxes for public access and created a policy:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AddPerm",
            "Effect": "Allow",
            "Principal": "*",
            "Action": [
                "s3:Get*",
                "s3:List*"
            ],
            "Resource": [
                "[my arm]/object/*",
                "[my arm]"
            ]
        }
    ]
}

And still I get the same response. I have also seen the following question which asks the same thing, but even the accepted answer does not seem to have given a correct solution: How to create a public Multi-Region Access Point policy?

What is the correct way to make the multi-region access point public? Or am I trying to access the objects incorrectly?

What I'm doing is: [alias].accesspoint.s3-global.amazonaws.com/[object name]

Is that the correct syntax?

Did you set an access policy on the Multi-Region access point itself? [Docs here](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-policies.html#access-points-policy-examples) — Seth E, May 19 '23 at 21:59
I ended up cloning buckets instead of creating a multi-region access point. — Hazem, May 22 '23 at 14:43

Make S3 Multi-region access point public

0 Answers0