From e35379f4d06c0080dbad47d14caf678b75542e62 Mon Sep 17 00:00:00 2001
From: arian <arian@2ari.ca>
Date: Fri, 27 Feb 2026 02:20:06 +0000
Subject: [PATCH] read-only policy without listing all objects in bucket

---
 readonly-policy.json | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 readonly-policy.json

diff --git a/readonly-policy.json b/readonly-policy.json
new file mode 100644
index 0000000..776c57f
--- /dev/null
+++ b/readonly-policy.json
@@ -0,0 +1,14 @@
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Effect": "Allow",
+            "Principal": {
+                "AWS": ["*"]
+            },
+            "Action": ["s3:GetObject"],
+            "Resource": ["arn:aws:s3:::movies/*"]
+
+        }
+    ]
+}