S3 Public & Private Access using the JavaScript SDK

Question

Hi!

I'm looking to implement the aws-sdk on my web application with 2 layers of security.
1. Some images should be publicly accessible (For example company logos). This is to prevent needing to re-authorise images constantly on each page load
2. Some images should be private and only shown if authorised (e.g more confidential images relating to a company)

Is there a better way for me to do this? If not, with my current setup it appears that even when I set CannedACL to private it always has the object set to public when in S3. I've attached my configuration and usage below, any help would be really appreciated!

![Bucket Settings](/media/postImages/original/IMIRW_qXm4S6apbkGuA5PuOw)
![Bucket Policy](/media/postImages/original/IMQ5cLs69FRVWxlPT2XRe72Q)
![CORS Config](/media/postImages/original/IMAlDGKUvFS9Klf1B6U9ui8Q)
![Usage in code](/media/postImages/original/IMuZC_bhO-TZG4D5kDVPveiw)

Thanks!

Answer

**Option 1:** You could do subfolders for the s3 buckets one for the public and one for private and set the bucket policy open for the public and internal for private.

**Option 2:** You could also use two separate S3 buckets. One for public assets and one for private assets You don't pay by the bucket so no big deal to have two buckets.

**Note:** It may be better to go with option 2 so you don't accidentally modify the S3 bucket policy to allow access to the private side. I like to separate mine so I can have public access turned off on the private one. Then I provide access to the items in the private bucket with IAM.

S3 Public & Private Access using the JavaScript SDK

相关内容