Can I control WEB (not admin) users access to specific folders on my static S3 website?

0

I have a very simple S3 website. I would like to allow public access to the root, "css", "javascript" folders, but restrict access to the "account" folder. The account folder has subfolders containing pages that are different for EACH web user. The subfolders are named after each username (i.e. "Bill", "Dave", "Jill", "Heather", etc.). My question is:

  1. Is this possible?
  2. Which AWS services should I use? I have tried AWS Cognito (User Pools) and have my S3 bucket up and running. I just can't figure out how to connect the dots so to speak. All the docs I have read and videos I have watched reference admin users, not simple WEB VIEWERS. I do like Cognito's feature of allowing users to sign up by themselves, but I need to know what I should study to make it all work. I assume in the end I'll need to have a bucket policy that includes: ........ "Resource": [ "arn:aws:s3:::my-bucket-name/${aws:username}/*" ] Am I on the right track? Can I just use Cognito User Pools and a Bucket policy only or do I also need CloudFront, Lambda, other, services as well?
1 Answer
1

Haven't tried this myself, but this blog may give you pointers on how to accomplish what you are trying - https://aws.amazon.com/blogs/networking-and-content-delivery/authorizationedge-how-to-use-lambdaedge-and-json-web-tokens-to-enhance-web-application-security/

profile pictureAWS
EXPERT
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions