AWS S3 + Django:存储在S3中的文件可由用户访问
[英]AWS S3 + Django: Files stored in S3 accesible by user
问题描述
I have a (django) web application running in my own server. 
我有一个(django)Web应用程序在我自己的服务器上运行。 It has users, permissions and all that. 它拥有用户,权限等等。
Each user is able to upload files to my platform. 每个用户都可以将文件上传到我的平台。 A new entry is created in my DB for each file uploaded and the file is then stored in AWS S3. 在我的数据库中为每个上载的文件创建一个新条目,然后将该文件存储在AWS S3中。
Currently the bucket is set to public, so this means that anyone has access to any file in the bucket if they know the url, which is not ideal. 目前,存储桶设置为公共,因此这意味着任何人都可以访问存储桶中的任何文件,如果他们知道网址,这是不理想的。
What i want to do is to restrict the access to the files so that only the user who uploaded it has access to them (and only when they are logged in to my platform). 我想要做的是限制对文件的访问,以便只有上传它的用户才能访问它们(并且只有当他们登录到我的平台时)。
Does anyone know if there is a solution for this? 有谁知道这是否有解决方案? If so, how? 如果是这样,怎么样?
I have been looking into this, but i still have no clue how to implement it or if it is actually what im looking for. 我一直在研究这个,但我仍然不知道如何实现它,或者它实际上是我正在寻找的。 http://blogs.aws.amazon.com/security/post/Tx1P2T3LFXXCNB5/Writing-IAM-policies-Grant-access-to-user-specific-folders-in-an-Amazon-S3-bucke http://blogs.aws.amazon.com/security/post/Tx1P2T3LFXXCNB5/Writing-IAM-policies-Grant-access-to-user-specific-folders-in-an-Amazon-S3-bucke
1 个解决方案
解决方案1
4 已采纳 2016-06-09 20:53:00
This can be done very easily. 这可以很容易地完成。 Please follow this exact procedure mentioned here in this article. 请按照本文中提到的确切步骤进行操作。
http://www.gyford.com/phil/writing/2012/09/26/django-s3-temporary.php http://www.gyford.com/phil/writing/2012/09/26/django-s3-temporary.php
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.