如何在消息传递应用程序中安全使用Amazon S3
[英]How to securely use Amazon S3 in a messaging application
问题描述
So I'm building a messaging app in Cordova and I was wondering what the best approach is to secure the image files so no one else can view them. 
因此,我在Cordova中构建了一个消息传递应用程序,我想知道最好的方法是保护图像文件,以便其他人无法查看它们。 I suppose I can just generate random filenames and store them in the database, but that feels like pseudo-security. 我想我可以生成随机文件名并将其存储在数据库中,但这听起来像伪安全性。 I also know that you can createPresignedRequest() , but that's for temporary files I believe. 我也知道您可以createPresignedRequest() ,但这是我相信的临时文件。 Maybe I'm missing something, but I can't figure out a good way to do this. 也许我缺少了一些东西,但是我找不到解决这个问题的好方法。 I'm also using the PHP SDK. 我也在使用PHP SDK。 Not too important for scenario, but figured I'd mention it. 对于场景来说不太重要,但是我想提一下。
1 个解决方案
解决方案1
0 2017-08-11 04:35:47
I also know that you can createPresignedRequest(), but that's for temporary files I believe.
Pre-signed links are temporary, but it doesn't matter if the object in S3 is. 预签名的链接是临时的,但是S3中的对象是否是无关紧要的。
You can either use pre-signed URLs or Amazon Cognito in combination with AWS IAM roles to grant certain users access to the files. 您可以将预签名URL或Amazon Cognito与AWS IAM角色结合使用,以授予某些用户访问文件的权限。
How it would work with Cognito is described on the following page: https://docs.aws.amazon.com/cognito/latest/developerguide/iam-roles.html 以下页面描述了它如何与Cognito一起使用: https : //docs.aws.amazon.com/cognito/latest/developerguide/iam-roles.html
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.