Do not access image url in bucket s3 outside the application
Question
To render images, I'm using them directly from the S3 bucket. But access can be done from outside the Reactjs application.
How do I prevent these S3 URLs from being accessed from outside the application?
Incorrectly authenticated logins
Answer 1
Score: 1
It appears that you want to serve images from an Amazon S3 bucket, but you only want these images to be accessed if people are using your application.
You can do this as follows:
- Keep the images in the S3 bucket as 'private' -- do not make the bucket public
- When your application refers to an object in S3, it should generate an Amazon S3 pre-signed URL, which provides time-limited access to private objects in Amazon S3
The pre-signed URL will provide temporary access to a private object stored in the S3 bucket. Your application can generate the pre-signed URL by using an Access Key and Secret Key from credentials that are permitted to access the object. Generating a pre-signed URL only takes a couple of lines of code and does not require an API call to AWS.