Remove public read access bucket policy setup from S3 client initialization; improve error handling by logging warnings instead of panicking

app/internal/svc/servicecontext.go

@@ -66,32 +66,5 @@ func initS3Client(s3Config config.S3Config) *s3.Client {
 		o.UsePathStyle = true
 	})
 
-	// Set bucket policy for public read access
-	setBucketPublicReadPolicy(client, s3Config.Bucket)
-
 	return client
 }
-
-func setBucketPublicReadPolicy(client *s3.Client, bucket string) {
-	policy := `{
-		"Version": "2012-10-17",
-		"Statement": [
-			{
-				"Effect": "Allow",
-				"Principal": "*",
-				"Action": "s3:GetObject",
-				"Resource": "arn:aws:s3:::` + bucket + `/*"
-			}
-		]
-	}`
-
-	_, err := client.PutBucketPolicy(context.Background(), &s3.PutBucketPolicyInput{
-		Bucket: aws.String(bucket),
-		Policy: aws.String(policy),
-	})
-	if err != nil {
-		// Log error but don't panic - bucket might already have the policy
-		// or the user might not have permission to set policies
-		println("Warning: Failed to set bucket policy:", err.Error())
-	}
-}