英文:
Serving content from S3 securely
问题
我正在使用Go编写一个Web应用程序,并且我正在使用Amazon S3来存储所有用户文件,包括个人资料图片、文本和音频文件。
然而,我在弄清楚如何以安全的方式完成这个任务方面遇到了困难。我想的是,在确保请求来自经过身份验证且具有访问所请求文件权限的用户之后,只需使用AWS Go库获取文件并将其写入HTTP请求。
类似这样的代码:
import (
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/session"
"github.com/aws/aws-sdk-go/service/s3"
"io"
)
func serveFile(file string, w http.ResponseWriter) {
svc := s3.New(session.New(), aws.NewConfig().WithRegion(config.AWS.Region))
params := &s3.GetObjectInput{
Bucket: aws.String("Bucket name"),
Key: aws.String(file),
}
resp, err := svc.GetObject(params)
n, err := io.Copy(w, resp.Body)
}
我没有太多使用AWS的经验,所以我不确定这是否是一个好的方法,但它是可行的。对于生产服务器来说,这是一个好的方法吗?是否有更好、更可靠的方法?
英文:
I'm writing a web application in go and I'm using amazon s3 to store all the user files, this include the profile pics and text and audio files.
However I'm struggling to understand what will be the correct way to do this securely. What I was thinking is after making sure the request comes from an authenticated user with access to the requested file, just use the aws go library to fetch the file and write it to the http request.
Something like this:
import (
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/session"
"github.com/aws/aws-sdk-go/service/s3"
"io"
)
func serveFile(file string, w http.ResponseWriter) {
svc := s3.New(session.New(), aws.NewConfig().WithRegion(config.AWS.Region))
params := &s3.GetObjectInput{
Bucket: aws.String("Bucket name"),
Key: aws.String(file),
}
resp, err := svc.GetObject(params)
n, err := io.Copy(w, resp.Body)
}
I don't have much experience working with AWS so I'm not sure this is even a good approach, but it works. Is this a good way to do it, for a production server? Is there a better, more reliable way?
答案1
得分: 6
这种方法可以工作,但它依赖于通过你的客户端进行代理的请求。
推荐的方法是使用签名 URL。这将创建一个 URL,该 URL 在你指定的时间段内有效,允许最终用户直接从 S3 下载文件。
你的密钥不会被暴露,因为 URL 只包含一个签名。
英文:
This method can work. But it relies on requests being proxied through your client.
The recommend way is to use signed urls. This creates a url that is valid for a time period that you specify that allows the end user to download a file directly from S3.
Your key is not exposed as the url contains just a signature.
答案2
得分: 0
这是一个好的解决方案,原因如下:
-
使用S3对客户端是透明的。换句话说,客户端不需要知道你在后端使用S3,除非有充分的理由。
-
如果明天你想将数据从S3迁移到其他数据存储,你只需要更改服务器端的代码,客户端不需要更新。
-
AWS凭证不会暴露给客户端,因此更安全。
英文:
This is a good solution for following reasons:
-
The fact that you are using S3 is transparent to the client. In other words, the client doesn't need to or should know that you are using S3 in backend, unless there is a good reason for this.
-
Tomorrow if you want to move your data from S3 to some other data store, you only need to change your server code. The client doesn't need to update.
-
AWS credentials aren't exposed to client, hence more security.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论