Best practice is to have no publicly-accessible objects. All the "Block Public Access" settings should be on and you should not have any "Publicly accessible" warnings.
If you need to allow people access to objects from their web browser, the two secure options are:
- If the objects are assets for a public website, make the bucket a CloudFront origin. Don't use S3's built-in static website hosting (URLs like http://<bucket-name>.s3-website-<region>.amazonaws.com or http://<bucket-name>.s3-website.<region>.amazonaws.com) as it doesn't support http.
- If the objects are private then your app should vend presigned URLs providing secure temporary access.
Your URL "https://bucket.s3.us-north-8.amazonaws.com/img.png" looks more like an S3 REST API URL, which would be used from an application either directly or more typically via an API package such as Boto3 for Python. In this case your application would get secure access to S3 objects with IAM credentials.
But they mentioned that Amplify.Storage.GetURL is only to download images. I want all users to be able to access my objects, just like other apps: even if you are not logged in you can access photos, e.g. Twitter, Instagram.