From b5e57a7aa67033f1ba0bdb351d0563a384dd3d63 Mon Sep 17 00:00:00 2001
From: Hans-Christoph Steiner <hans@eds.org>
Date: Thu, 15 Sep 2016 11:35:38 +0200
Subject: [PATCH] example file for public read only S3 bucket policy

This is the locked down S3 policy as created by Benetech for their Secure
App Generator project.
---
 examples/public-read-only-s3-bucket-policy.json | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 examples/public-read-only-s3-bucket-policy.json

diff --git a/examples/public-read-only-s3-bucket-policy.json b/examples/public-read-only-s3-bucket-policy.json
new file mode 100644
index 00000000..9316bbe0
--- /dev/null
+++ b/examples/public-read-only-s3-bucket-policy.json
@@ -0,0 +1,11 @@
+{
+    "Version":"2012-10-17",
+    "Statement":[
+        {"Sid":"AddPerm",
+         "Effect":"Allow",
+         "Principal":"*",
+         "Action":"s3:GetObject",
+         "Resource":"arn:aws:s3:::examplebucket/fdroid/*"
+        }
+    ]
+}