example file for public read only S3 bucket policy

This is the locked down S3 policy as created by Benetech for their Secure
App Generator project.

diff --git a/examples/public-read-only-s3-bucket-policy.json b/examples/public-read-only-s3-bucket-policy.json
new file mode 100644 (file)
index 0000000..9316bbe
--- /dev/null
+++ b/examples/public-read-only-s3-bucket-policy.json
@@ -0,0 +1,11 @@
+{
+    "Version":"2012-10-17",
+    "Statement":[
+        {"Sid":"AddPerm",
+         "Effect":"Allow",
+         "Principal":"*",
+         "Action":"s3:GetObject",
+         "Resource":"arn:aws:s3:::examplebucket/fdroid/*"
+        }
+    ]
+}