Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

How to limit traffic to S3?

0

I want to restrict the number of downloads per IP address within a specific time frame for my S3 URLs. For example, each IP should only be allowed to download 5 times within 1 minute. Any requests exceeding this limit should be denied. Currently, I haven't found a similar configuration. Is it possible to implement such restrictions with S3?

Topics
StorageNetworking & Content Delivery
Tags
Networking & Content DeliveryAmazon Simple Storage Service
Language
English
asked 2 years ago1K views
2 Answers
4
Accepted Answer

No, not directly in S3.

However, you can serve your bucket content from a CloudFront distribution (AWS's CDN service) and associate AWS WAF to your distribution with rate-limit based rules per source IP address.

AWS
EXPERT
answered 2 years ago
EXPERT
reviewed 2 years ago
EXPERT
reviewed 2 years ago
  • kerokero
    2 years ago

    Hi Yaniv, Thank you for your reply!!

4

Hello.

Such settings cannot be made with S3 alone.
If you introduce CloudFront and WAF, you can introduce rate-based rules, so I think you can set things like download limits at 1-minute intervals.
https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-rate-based.html

AWS WAF recently added the ability to set rate-based rules in 1-minute intervals.
https://aws.amazon.com/about-aws/whats-new/2024/03/aws-waf-rate-based-rules-configurable-time-windows/?nc1=h_ls

EXPERT
answered 2 years ago
EXPERT
reviewed 2 years ago
EXPERT
reviewed 2 years ago
  • kerokero
    2 years ago

    Hi Riku, Thank you for your reply!!

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content