> ## Documentation Index
> Fetch the complete documentation index at: https://gcore.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Make S3 bucket private

> Removes the public read policy from an S3 bucket, making all objects private and accessible only with proper authentication credentials. After this operation, anonymous users will no longer be able to access bucket contents via HTTP requests.

Deprecated: Use PATCH /v4/`object_storages`/{`storage_id`}/buckets/{`bucket_name`} with {"policy": {"public": false}} instead.



## OpenAPI

````yaml /api-reference/services_documented/object_storage_api.yaml delete /storage/provisioning/v1/storage/{storage_id}/s3/bucket/{bucket_name}/policy
openapi: 3.1.0
info:
  title: Gcore OpenAPI – Object Storage API
  description: >-
    This OpenAPI is an aggregated OpenAPI specification that unifies all Gcore
    products into a single file. It covers Cloud, CDN, DNS, WAAP, DDoS
    Protection, Object Storage, Streaming, and FastEdge services.
  version: '2026-05-15T06:37:28.230198+00:00'
servers:
  - url: https://api.gcore.com
security:
  - APIKey: []
tags:
  - name: Notifications
    x-displayName: Notifications
  - name: SSHKeys
    x-displayName: SSHKeys
  - name: Storage Locations
    x-displayName: Storage Locations
  - name: Storage
    x-displayName: Storage
  - name: Storage Statistics
    x-displayName: Storage Statistics
  - name: S3-Compatible Storage
    x-displayName: S3-Compatible Storage
  - name: SFTP Storage
    x-displayName: SFTP Storage
paths:
  /storage/provisioning/v1/storage/{storage_id}/s3/bucket/{bucket_name}/policy:
    delete:
      tags:
        - Storage
      summary: Make S3 bucket private
      description: >-
        Removes the public read policy from an S3 bucket, making all objects
        private and accessible only with proper authentication credentials.
        After this operation, anonymous users will no longer be able to access
        bucket contents via HTTP requests.


        Deprecated: Use PATCH
        /v4/`object_storages`/{`storage_id`}/buckets/{`bucket_name`} with
        {"policy": {"public": false}} instead.
      operationId: storageBucketPolicyDeleteHttp
      parameters:
        - name: storage_id
          in: path
          required: true
          schema:
            type: integer
            format: int64
        - name: bucket_name
          in: path
          required: true
          schema:
            type: string
      responses:
        '204':
          description: >-
            A SuccessResponse is a response that shows that operations was
            completed successfully
          content: {}
        '400':
          description: ErrResponse
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrResponse'
      deprecated: true
components:
  schemas:
    ErrResponse:
      type: object
      properties:
        error:
          type: string
      description: ErrResponse is an error response
  securitySchemes:
    APIKey:
      description: >-
        API key for authentication. Make sure to include the word `apikey`,
        followed by a single space and then your token.

        Example: `apikey 1234$abcdef`
      type: apiKey
      in: header
      name: Authorization

````