By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

S3 Public & Private Access using the JavaScript SDK

0

Hi!

I'm looking to implement the aws-sdk on my web application with 2 layers of security.

  1. Some images should be publicly accessible (For example company logos). This is to prevent needing to re-authorise images constantly on each page load
  2. Some images should be private and only shown if authorised (e.g more confidential images relating to a company)

Is there a better way for me to do this? If not, with my current setup it appears that even when I set CannedACL to private it always has the object set to public when in S3. I've attached my configuration and usage below, any help would be really appreciated!

Bucket Settings Bucket Policy CORS Config Usage in code

Thanks!

Topics
StorageAWS Well-Architected Framework
Tags
Amazon Simple Storage ServiceSecurity
Language
English
Benjenk126
asked a year ago605 views
1 Answer
0

Option 1: You could do subfolders for the s3 buckets one for the public and one for private and set the bucket policy open for the public and internal for private.

Option 2: You could also use two separate S3 buckets. One for public assets and one for private assets You don't pay by the bucket so no big deal to have two buckets.

Note: It may be better to go with option 2 so you don't accidentally modify the S3 bucket policy to allow access to the private side. I like to separate mine so I can have public access turned off on the private one. Then I provide access to the items in the private bucket with IAM.

Evan
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content