Browser based S3 POST upload on sites that I don't control

Question

I notice Amazon offers a S3 Object Lambda for GET requests to support customisation of requested S3 objects to avoid letting clients download the original S3 object.

Is there a anything that supports POST requests which would let you to allow/reject a browser based upload using your own custom code?

The reason for wanting this is to allow third-party websites to make authenticated browser based POST requests to a specific bucket with custom non-aws credentials which I could then validate before allowing those files to go to S3. This will mean my customers get to have browser based S3 POST uploads on their own sites without having to have AWS credentials.

Answer

Would be possible to front the S3 bucket with an API Gateway? Then you could associated authorization with custom Lambda authorizer satisfying your custom requirements.

Resources:
* https://docs.aws.amazon.com/apigateway/latest/developerguide/integrating-api-with-aws-services-s3.html
* https://aws.amazon.com/blogs/compute/patterns-for-building-an-api-to-upload-files-to-amazon-s3/

Answer

How about using EC2 or ECS to create a system that will run an S3 PutObject when a file is uploaded?  
With this, I think it is possible to upload without worrying so much about payload restrictions.  
User authentication can be easily configured using Amazon Cognito or other means.  
Frankly, I feel this is the easiest way to do it.  
https://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/s3-example-photo-album.html

Browser based S3 POST upload on sites that I don't control

Relevanter Inhalt