
You really need to think carefully about whether you want to expose an S3 bucket publicly. There are probably some valid reasons out there, but if you're not an AWS expert, it's likely that you're making a mistake. If I find out the name of your bucket I could cost you thousands of dollars of egress tonight before you wake up in the morning. It's _especially_ likely to happen to hosters of open source binaries because of people absent-mindedly downloading artifacts from CI jobs. No malice required. They make the mistake but you pay the bill.


Hosting a file on a URL anyone can access from anywhere is the whole point…


Public S3 buckets are not a good choice for that because of the "anyone could bankrupt you" reason above. That is generally NOT the use case for S3, and it's the reason why private is the default and there are alerts for public buckets. For public access, within AWS, you'd want to put CloudFront in front of the bucket and only allow external users to access CloudFront. However, there's a better option...

Outside of AWS, Cloudflare has a service called R2 which is just like S3, except you DON'T pay egress! It's the same thing, but without the "anyone could bankrupt you" aspect. You pay for the storage but you don't pay per download. I highly recommend this for hosting open source binaries. You can still keep a copy in a private S3 bucket for safe keeping if you don't trust Cloudflare long-term.


Thank you, I’ll look into that.
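The "only allow external users to access CloudFront" setup suggested above comes down to the bucket policy, so here is a small offline audit of that policy, added as an illustration and not posted by anyone in the thread. It assumes the standard origin access control policy shape; the bucket name, account id and distribution id are constructed placeholders.

```python
# Added example: classify S3 bucket policy statements as public or CloudFront-only.
# Bucket name, account id and distribution id below are constructed placeholders.

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _is_anonymous(principal):
    """True for Principal "*" or {"AWS": "*"}: anyone on the internet."""
    aws = principal.get("AWS", []) if isinstance(principal, dict) else principal
    return "*" in _as_list(aws)

def _pinned_to_distribution(stmt):
    """True when only CloudFront, acting for one named distribution, is trusted."""
    principal = stmt.get("Principal")
    services = _as_list(principal.get("Service", [])) if isinstance(principal, dict) else []
    arns = [v for op, keys in stmt.get("Condition", {}).items()
            if op in ("StringEquals", "ArnEquals")
            for k, v in keys.items() if k.lower() == "aws:sourcearn"]
    no_wildcard = all("*" not in str(a) for a in arns)
    return services == ["cloudfront.amazonaws.com"] and bool(arns) and no_wildcard

def audit(policy):
    """Return {sid: verdict} for every Allow statement in the policy."""
    verdicts = {}
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", f"statement-{i}")
        if _is_anonymous(stmt.get("Principal")) and not stmt.get("Condition"):
            verdicts[sid] = "PUBLIC"           # anyone can pull objects, owner pays egress
        elif _pinned_to_distribution(stmt):
            verdicts[sid] = "CLOUDFRONT_ONLY"  # reachable only through one distribution
        else:
            verdicts[sid] = "REVIEW"           # neither pattern; needs a human look
    return verdicts

PUBLIC_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
    "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"}]}

OAC_POLICY = {"Version": "2012-10-17", "Statement": {
    "Sid": "CloudFrontRead", "Effect": "Allow",
    "Principal": {"Service": "cloudfront.amazonaws.com"},
    "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*",
    "Condition": {"StringEquals": {
        "AWS:SourceArn": "arn:aws:cloudfront::111122223333:distribution/EXAMPLEID"}}}}

if __name__ == "__main__":
    print(audit(PUBLIC_POLICY), audit(OAC_POLICY))
```

A policy document fetched with `aws s3api get-bucket-policy` can be parsed with `json.loads` and passed to `audit` the same way.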



