We Keep Coding

Cannot open the AWS s3 bucket Object URL using google chrome how to fix this issue?

I uploaded a pdf version file into the AWS s3 bucket bucket and then tried to open that object url using Google Chrome. The following error occurred. How to fix this issue? 
This XML file does not appear to have any style information associated with it. The document tree is shown below.
<Error>
<Code>AccessDenied</Code>
<Message>Access Denied</Message>
<RequestId>5FEKVSVK2TYS3FGR</RequestId>
<HostId>+Boe80nRJgbHZveVARRp40JiRcFu1aOIcKO5o3sHf1zuTc/HQ4qxTJO3LiDGdyYVFX7yIMy0kbk=</HostId>
</Error>

Please make sure that your bucket is publically accessible in the Permissions tab
Use the following as your bucket policy: (please use your bucket name in the Resource field)
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PublicReadGetObject",
"Effect": "Allow",
"Principal": "*",
"Action": [
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::Bucket-Name/*"
]
}
]
}
Now see if it works. Please let us know.
If you are still having errors, this link must be helpful: https://aws.amazon.com/premiumsupport/knowledge-center/s3-static-website-endpoint-error/

How to provide public access to an aws s3 bucket?

Amazon s3 I have created a bucket and set cloudwatch.Logs are being generated for audit and trace. But with s3, able to share individual file download links only. Any option to set complete bucket /folder to public and users can access that? I tried updating bucket policy but no use.
Policy I tried.
{
"Id": "Policy1397632521960",
"Statement": [
{
"Sid": "Stmt1397633323327",
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::bucketnm/*",
"Principal": {
"AWS": [
"*"
]
}
}
]
}
But still below issue.
This XML file does not appear to have any style information associated with it. The document tree is shown below.
<Error>
<Code>AccessDenied</Code>
<Message>Access Denied</Message>
<RequestId>C3A5489DCEA8A2EA</RequestId>
<HostId>qjKSgWX6fnyPlAiCgq0RxxqK2ZEHZqEewahAlsdIAgznNRmezwif6NoP67FD9ysuH1psi4lO4m8=</HostId>
</Error>

Unable to view an image in S3 in browser

My goal is to upload a jpg file to s3 bucket and I've done using boto3 library.
When I was trying to open that file in s3 bucket using the displayed link I'm facing an error.
ERROR:
This XML file does not appear to have any style information associated with it. The document tree is shown below.
<Error>
<Code>AccessDenied</Code>
<Message>Access Denied</Message>
<RequestId>7C702F46589DF223</RequestId>
<HostId>
/CbLJfLthWd2n6br7m1fkSy3W71yyKMWavtOxk/8h/afUr3w09cXl5e1eU8lppXSP7AU90jbymE=
</HostId>
</Error>
Edit1:
After following answer suggested by #CaffeinatedCod3r, I'm getting following error.

It looks like you are trying to view the image in browser.
For that, you need to
Open the S3 object in your AWS.
Go to properties of the S3 object.
Go to Metadata section.
There will be a property called Content-Type. It's initial value might be binary/stream. Change that to the type of image like image/jpeg, image/png
or application/pdf (if you are dealing with pdf files) etc.
Now you should be able to view the image or file in the browser tab instead of downloading.

Before you download a file using generated web URL, you need to apply public permissions using "bucket policy" tool.
In order to apply the bucket policy, perform the following steps:
Open S3 management console https://console.aws.amazon.com/s3/
Choose a bucket, click "Permissions", click "Bucket policy".
Apply the policy using AWS policy generator.
You have to apply policy for GetObject.
Note:This will give download permission to everyone who have got the link.
A sample policy would look like this
{
"Id": "PolicyID",
"Version": "2012-10-17",
"Statement": [
{
"Sid": "StmtID",
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::<YOUR_BUCKET_NAME>",
"Principal": "*"
}
]
}
Edit after #mondyfy answer the policy would be
{
"Id": "PolicyID",
"Version": "2012-10-17",
"Statement": [
{
"Sid": "StmtID",
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::<YOUR_BUCKET_NAME>/*",
"Principal": "*"
}
]
}

I have also got a similar issue following the answer suggested by #CaffeinatedCod3r, Here I have a slight update on the above answer and it's working, maybe it will be helpful for others:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PublicRead",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::<YOUR_BUCKET_NAME>/*"
}
]
}
Note: In order to view any bucket object in the browser we need to make sure that we have to set Content-Type of media that the browser needs to render as suggested by #Jarvis and object or bucket should have public read access.

AWS S3 static bucket hosting-Internal Server Error

I have set up an AWS S3 bucket to host a static website with my own URL. All permissions on the bucket and the files inside are public. I confirmed this by opening the public link for the index.html page. When I type in my URL (ianpritchard.com), I get an internal server error. I put logging on the bucket, and see an access denied on my request. Does anyone have any idea why? I did set up A records in my hosted zone.
<Error>
<Code>AccessDenied</Code>
<Message>Access Denied</Message>
<RequestId>xxx</RequestId>
<HostId> xxxx </HostId>
</Error>
The bucket policy is here -
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PublicReadGetObject",
"Effect": "Allow",
"Principal": "",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::xxxx/"
}
]
}

Problem with your setup is your IP is pointing to corporate IP instead of AWS.
There is a clean setup procedure given by AWS for hosting domains,
https://docs.aws.amazon.com/AmazonS3/latest/dev/website-hosting-custom-domain-walkthrough.html
in 4 steps.
Before You Begin
Step 1: Register a Domain
Step 2: Create and Configure Buckets and Upload Data
Step 3: Add Alias Records for example.com and www.example.com
Step 4: Testing
Hope it helps.

You policy looks odd, resource should be xxx/* and principal should *:
{
"Version":"2012-10-17",
"Statement":[
{
"Sid":"publicRead",
"Effect":"Allow",
"Principal": "*",
"Action":["s3:GetObject"],
"Resource":["arn:aws:s3:::xxxx/*"]
}
]
}
See some example here
Not sure why/how you're able to get index.html, post your public link for the index.html page:

Using AWS CloudFront with S3 to server js and css files

I have setup AWS CloudFront and S3 as it's origin.
I have made the files I want to access in the bucket public, but I am getting a 403 Forbidden error/Access denied XML when I try to access these files.
A link is simply:
http://dd9rhibbjdy7s.cloudfront.net/assets123/app.js
I have Googled everywhere but still can't find the solution.
Does any one have a clue how to get this working?
The exact response when browsing to it is:
<Error>
<Code>AccessDenied</Code>
<Message>Access Denied</Message>
<RequestId>74E36027507DACD6</RequestId>
<HostId>
uUxkyTmpJbfxk1UJTf9bZmtkA/Vqq5O4eRruiG8zpC6uWn7tA1ffd5bnM4GcKD9Hp0BPKqKsBKQ=
</HostId>
</Error>

Add this bucket policy to your S3 Bucket, remember to change the bucket name.
{
"Version":"2008-10-17",
"Statement":[{
"Sid":"AllowPublicRead",
"Effect":"Allow",
"Principal": {
"AWS": "*"
},
"Action":["s3:GetObject"],
"Resource":["arn:aws:s3:::YOUR-BUCKET-NAME/*"
]
}
]
}

One of my collegues suggested I use the policy generator and came up with this:
{
"Id": "Policy1439469599074",
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1439469594186",
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::assets123/*",
"Principal": "*"
}
]
}
Which has made it all work :)