To create a policy to restrict access to specific IP addresses for an S3 bucket, you can follow these steps:
1. Sign in to the AWS Management Console and navigate to the Amazon S3 console.
2. Select the S3 bucket for which you want to restrict access.
3. Click on the "Permissions" tab and then click on "Bucket Policy."
4. In the bucket policy editor, add the following policy to restrict access to specific IP addresses:
{
    "Version": "2012-10-17",
    "Id": "RestrictAccess",
    "Statement": [
        {
            "Effect": "Deny",
            "Principal": "*",
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::your-bucket-name/*",
                "arn:aws:s3:::your-bucket-name"
            ],
            "Condition": {
                "NotIpAddress": {
                    "aws:SourceIp": [
                        "192.168.1.1/32",
                        "10.10.10.0/24"
                    ]
                }
            }
        }
    ]
}
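In this policy, replace "your-bucket-name" with the name of your S3 bucket and replace the entries in the "aws:SourceIp" field with the IP addresses or CIDR ranges that should keep access. Because the statement is a Deny combined with "NotIpAddress", a request from any address outside that list is denied, for every principal and every S3 action, so the list must include the address you manage the bucket from. The "aws:SourceIp" key is matched against public IP addresses, so treat the private ranges shown here as placeholders.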
By following these steps, you can create a policy to restrict access to specific IP addresses for an S3 bucket.
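A pre-apply check for the policy above, added here as an example and not part of the original page: it reports which source addresses the Deny statement would block and which listed ranges are private. It is a simplification that evaluates only the NotIpAddress condition on aws:SourceIp, which is enough for this policy because it covers all principals and actions; the function names and test addresses are constructed for illustration.

```python
import ipaddress
import json

# The page's policy, with its placeholder bucket name and sample CIDRs.
POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Id": "RestrictAccess",
  "Statement": [{
    "Effect": "Deny",
    "Principal": "*",
    "Action": "s3:*",
    "Resource": ["arn:aws:s3:::your-bucket-name/*", "arn:aws:s3:::your-bucket-name"],
    "Condition": {"NotIpAddress": {"aws:SourceIp": ["192.168.1.1/32", "10.10.10.0/24"]}}
  }]
}
""")

def _as_list(value):
    # Policy JSON accepts a single value where a list is allowed.
    return value if isinstance(value, list) else [value]

def deny_allowlists(policy):
    """For each Deny statement, the CIDRs its NotIpAddress condition exempts."""
    out = []
    for stmt in _as_list(policy["Statement"]):
        cidrs = stmt.get("Condition", {}).get("NotIpAddress", {}).get("aws:SourceIp")
        if stmt.get("Effect") == "Deny" and cidrs:
            out.append([ipaddress.ip_network(c, strict=False) for c in _as_list(cidrs)])
    return out

def is_denied(policy, source_ip):
    """True when some Deny statement applies: source_ip is in none of its CIDRs."""
    addr = ipaddress.ip_address(source_ip)
    return any(not any(addr in n for n in nets) for nets in deny_allowlists(policy))

def private_ranges(policy):
    """Listed CIDRs in private address space, which aws:SourceIp will not match."""
    return [str(n) for nets in deny_allowlists(policy) for n in nets if n.is_private]

if __name__ == "__main__":
    for ip in ["192.168.1.1", "10.10.10.77", "198.51.100.7"]:  # constructed test addresses
        print(ip, "DENIED" if is_denied(POLICY, ip) else "not denied")
    print("private ranges listed:", private_ranges(POLICY))
```

Run it with your own public address substituted for the test addresses before saving the policy; an address reported as DENIED would lose all S3 access to the bucket.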