Thursday, June 23, 2022

How to restrict an S3 bucket to a specific domain name or IP address

In this tutorial we use an S3 bucket policy to allow only selected domain URLs or IP addresses to access files in the bucket.

1) Complete the following steps

  • Create a bucket named demobucket321
  • Make it public
  • Upload a JPG file


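2) Go to the bucket policy and add the content below

Note: This policy is for IP addresses only. Change the highlighted values according to your requirements. With "Action": "s3:*", anyone connecting from the listed addresses can also upload and delete objects, so use "s3:GetObject" if only read access is needed.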

{
    "Version": "2012-10-17",
    "Id": "Policy_For_IP_Address",
    "Statement": [
        {
            "Sid": "IP_Allow_for_bucket",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:*",
            "Resource": "arn:aws:s3:::demobucket321/*",
            "Condition": {
                "IpAddress": {
                    "aws:SourceIp": [
                        "10.90.10.20",
                        "18.25.48.12"
                    ]
                }
            }
        }
    ]
}



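3) Go to the bucket policy and add the content below

Note: This policy is for domain URLs only. Change the highlighted values according to your requirements. The Referer header is set by the client and can be forged, so this stops casual hotlinking but is not access control.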


{
    "Version": "2012-10-17",
    "Id": "Policy_For_Domain_URL",
    "Statement": [
        {
            "Sid": "Domain_URL_Allow_for_bucket",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::demobucket321/*",
            "Condition": {
                "StringLike": {
                    "aws:Referer": [
                        "https://tech2towards.com/*",
                        "https://www.tech2towards.com/*",
                        "https://support.tech2towards.com/*"
                    ]
                }
            }
        }
    ]
}


4) Go to the bucket policy and add the content below

Note: This is a public bucket policy; anyone can access the objects.

{
    "Version": "2008-10-17",
    "Statement": [
        {
            "Sid": "Allow_Public_Read",
            "Effect": "Allow",
            "Principal": {
                "AWS": "*"
            },
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::demobucket321/*"
        }
    ]
}


5) Check the S3 URL in a browser
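
An added example (not part of the original post): a small Python audit that flags what each policy from steps 2 to 4 still allows an anonymous caller to do. The function names and finding labels are assumptions made for this example, and the policies are condensed copies of the ones above.

```python
import ipaddress

def _as_list(value):  # policy fields hold either one string or a list of strings
    return value if isinstance(value, list) else [value]

def _is_anonymous(principal):
    """True for "Principal": "*" and for "Principal": {"AWS": "*"}."""
    return principal == "*" or (
        isinstance(principal, dict) and "*" in _as_list(principal.get("AWS", [])))

def audit_policy(policy):
    """Return (Sid, finding) pairs for Allow statements open to anonymous callers."""
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow" or not _is_anonymous(stmt.get("Principal")):
            continue
        sid = stmt.get("Sid", "<no Sid>")
        # Flatten {operator: {key: values}}; condition key names are case-insensitive.
        conds = {key.lower(): _as_list(vals)
                 for block in stmt.get("Condition", {}).values()
                 for key, vals in block.items()}
        if not conds:
            findings.append((sid, "PUBLIC_NO_CONDITION"))
        if any(a in ("*", "s3:*") for a in _as_list(stmt.get("Action", []))):
            findings.append((sid, "ANONYMOUS_WILDCARD_ACTION"))  # includes put and delete
        if "aws:referer" in conds:
            findings.append((sid, "REFERER_IS_CLIENT_SUPPLIED"))  # header can be forged
        for cidr in conds.get("aws:sourceip", []):
            if ipaddress.ip_network(cidr, strict=False).is_private:
                findings.append((sid, "PRIVATE_SOURCE_IP " + cidr))  # S3 sees public IPs only
    return findings

def _policy(sid, principal, action, condition=None):
    """Rebuild one of this page's single-statement policies (condensed) as a dict."""
    stmt = {"Sid": sid, "Effect": "Allow", "Principal": principal, "Action": action,
            "Resource": "arn:aws:s3:::demobucket321/*"}
    if condition:
        stmt["Condition"] = condition
    return {"Version": "2012-10-17", "Statement": [stmt]}

IP_POLICY = _policy("IP_Allow_for_bucket", "*", "s3:*",
                    {"IpAddress": {"aws:SourceIp": ["10.90.10.20", "18.25.48.12"]}})
REFERER_POLICY = _policy("Domain_URL_Allow_for_bucket", "*", "s3:GetObject",
                         {"StringLike": {"aws:Referer": ["https://tech2towards.com/*"]}})
PUBLIC_POLICY = _policy("Allow_Public_Read", {"AWS": "*"}, "s3:GetObject")

if __name__ == "__main__":
    for pol in (IP_POLICY, REFERER_POLICY, PUBLIC_POLICY):
        print(audit_policy(pol))
```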

 

 
