The first thing is to make sure the “Public Access Block” are disabled. In the AWS console, go to your bucket, then “Permissions”, then “Block public access”.

Then set the bucket policy to this:

{
    "Version": "2008-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::MYBUCKET/*"
        }
    ]
}

I work as a freelancer, so if you don’t want to do that kind of things yourself or don’t have the time, just drop me a line to hire me.