简体繁体 English

如何使用 cognito 访问私有 s3 存储桶

[英]How to get access to private s3 bucket using cognito

原文 2019-11-04 13:07:49 5 2 amazon-web-services/ amazon-s3/ amazon-cognito/ serverless-framework

I have a cognito user pool which is connected to google as identity providers (so that I can log in with a gmail account).我有一个认知用户池，它作为身份提供者连接到谷歌（这样我就可以使用 gmail 帐户登录）。 I also have a private bucket s3 with files ().我还有一个带有文件（）的私有存储桶 s3。 How can I use my lambda function, using the token returned by Cognito (AcessToken, IdToken) to get access to my s3 bucket which is not public?如何使用我的 lambda function，使用 Cognito 返回的令牌（AcessToken，IdToken）来访问我的不公开的 s3 存储桶？

I just want to use my cognito to access my private files on s3.我只想使用我的 cognito 访问我在 s3 上的私人文件。

Something like the Cognito Authorizer for lambda functions just for s3 bucket.类似于 lambda 的 Cognito Authorizer 功能仅适用于 s3 存储桶。

2 个解决方案

You can use Signed URLs to achieve this.您可以使用签名 URL来实现此目的。

Basically, after your user successfully authenticated by Cognito, your Lambda function will generate s3 pre-signed url for object requested and reply it back. Basically, after your user successfully authenticated by Cognito, your Lambda function will generate s3 pre-signed url for object requested and reply it back.

Example from AWS Documentation AWS 文档中的示例

Also take a look at this AWS forum thread另请查看此AWS 论坛主题

The only way that i know to do this is give the role access to the cognito user我知道这样做的唯一方法是让角色访问 cognito 用户

https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_examples_s3_cognito-bucket.html https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_examples_s3_cognito-bucket.html

如何允许经过 Cognito 身份验证的用户获得对 s3 存储桶的公共访问权限 - how to allow cognito authenticated users to get public access to s3 bucket

如何只允许经过身份验证的用户（使用Cognito）访问他们自己的S3存储桶/密钥？ - How do I only allow authenticated user (using cognito) access to their own S3 bucket/key specifically?

如何访问AWS S3存储桶 - How to get access to AWS S3 bucket

如何更改S3 Bucket Policy的公共访问权限 - How to change Public access to private for S3 Bucket Policy

S3访问专用存储桶文件 - S3 access private bucket files

Amazon S3-访问私有存储桶 - Amazon S3 - Access to Private Bucket

如何在私有存储桶 s3 amazon 中获取 object 的 url（未预先签名） - How to get the url of an object in a private bucket s3 amazon(not presigned)

AWS S3允许Cognito用户访问存储桶前缀 - aws s3 allow access to bucket prefix for cognito user

允许外部用户（通过 Cognito）访问 S3 存储桶和控制台 - Allow an external user (through Cognito) to access a S3 bucket and console

用于移动和Web访问的Cognito Role和AWS S3 Bucket策略 - Cognito Role and AWS S3 Bucket policy for mobile and web access

暂无

暂无

声明:本站的技术帖子网页，遵循CC BY-SA 4.0协议，如果您需要转载，请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何允许经过 Cognito 身份验证的用户获得对 s3 存储桶的公共访问权限 - how to allow cognito authenticated users to get public access to s3 bucket 如何只允许经过身份验证的用户（使用Cognito）访问他们自己的S3存储桶/密钥？ - How do I only allow authenticated user (using cognito) access to their own S3 bucket/key specifically? 如何访问AWS S3存储桶 - How to get access to AWS S3 bucket 如何更改S3 Bucket Policy的公共访问权限 - How to change Public access to private for S3 Bucket Policy S3访问专用存储桶文件 - S3 access private bucket files Amazon S3-访问私有存储桶 - Amazon S3 - Access to Private Bucket 如何在私有存储桶 s3 amazon 中获取 object 的 url（未预先签名） - How to get the url of an object in a private bucket s3 amazon(not presigned) AWS S3允许Cognito用户访问存储桶前缀 - aws s3 allow access to bucket prefix for cognito user 允许外部用户（通过 Cognito）访问 S3 存储桶和控制台 - Allow an external user (through Cognito) to access a S3 bucket and console 用于移动和Web访问的Cognito Role和AWS S3 Bucket策略 - Cognito Role and AWS S3 Bucket policy for mobile and web access

相关标签

粤ICP备18138465号 © 2020-2024 STACKOOM.COM