Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

Granting access to specific S3 files for a few days

0

We have files stored in an S3 bucket which we want to programatically grant time-limited access to. Historically, we've used S3 pre-signed URLs for this; however, we've recently moved to using IAM instance roles rather than IAM users and so the maximum duration on these pres-signed URLs is 6 hours.

One option is to put this bucket behind a Cloudfront distribution and use Cloudfront signed URLs; however, this seems to require managing private keys and distributing them to each server (and not, say, using KMS). This seems more complicated and potentially error-prone than S3 pre-signed URLs. As these URLs will only be distributed internally, we wouldn't gain much from Cloudfront's caching etc.

We could also use S3 Object Lambda or proxy the object inside our application; however, these both require writing custom code.

Are there any good alternative solutions for our use case?

Temas
AlmacenamientoRedes y entrega de contenido
Etiquetas
Amazon Simple Storage ServiceAlmacenamientoAmazon CloudFront
Idioma
English
or-wwn
preguntada hace un mes263 visualizaciones
1 Respuesta
0

AWS S3 Access Grant gives you temporary access through CLI for S3: https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-grants.html

Here is the FAQ that provides more information: https://aws.amazon.com/s3/faqs/#:~:text=Analyzer%20documentation.-,S3%20Access%20Grants,-Q%3A%C2%A0What%20are

AWS
vtjean
respondido hace un mes
profile picture
EXPERTO
Giovanni Lauria
revisado hace un mes
  • or-wwn
    hace un mes

    Thanks - I didn't know about Access Grant! Unfortuantely I don't think it quite works for us as many of the staff accessing these files will be non-technical, so at that point we'd have to proxy the files through a lambda/website (at which point we might as well just do the authentication there).

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante