堆栈内存溢出
  简体   繁体   English

从 AWS S3 存储桶访问文件

[英]Accessing files from AWS S3 Bucket

 原文  2020-03-03 14:31:55       node.js/ amazon-web-services/ amazon-s3

问题描述

I am using NodeJS to upload a file into my S3 bucket.我正在使用 NodeJS 将文件上传到我的 S3 存储桶中。 As a response I receive a link to the file.作为回应,我收到了该文件的链接。

For example I receive https://my-bucket-name.s3.ap-south-1.amazonaws.com/testUpload_s.txt例如我收到https://my-bucket-name.s3.ap-south-1.amazonaws.com/testUpload_s.txt

The bucket does not allow public access as of now.该存储桶目前不允许公开访问。 How am I supposed to securely access the file from the bucket?我应该如何安全地访问存储桶中的文件? I would like to know whether the the following method be safe?我想知道以下方法是否安全?

  1. Allow public access for bucket允许公共访问存储桶

  2. Each file will be given a random unique name during upload在上传过程中,每个文件将被赋予一个随机的唯一名称

  3. This file name or the response URL is stored in the database此文件名或响应 URL 存储在数据库中

  4. When the file has to be fetched I use the link received from the upload response to access the file from the bucket当必须获取文件时,我使用从上传响应收到的链接从存储桶访问文件

Is this approach safe?这种方法安全吗? If not is there any other method to do the same?如果没有,还有其他方法可以做到这一点吗?

2 个解决方案

解决方案1
 1  2020-03-03 14:42:12

There are a number of options for giving clients access to an object in S3, including:有许多选项可以让客户端访问 S3 中的对象,包括:

  1. make the object public公开对象
  2. require the client to authenticate with AWS credentials要求客户端使用 AWS 凭证进行身份验证
  3. give the client a time-limited, pre-signed URL给客户一个限时的、预先签名的 URL

They each serve a different use case.它们各自服务于不同的用例。 Use #1 if it's safe for anyone to access the file (for example the file is an image being shown on a public web site).如果任何人都可以安全访问该文件(例如,该文件是在公共网站上显示的图像),请使用 #1。 Use #2 if the client has AWS credentials.如果客户端具有 AWS 凭证,请使用 #2。 Use #3 if you don't want to make the file public but the client does not have AWS credentials.如果您不想公开文件但客户端没有 AWS 凭证,请使用 #3。 Note with #3 that the pre-signed URL is time-limited.请注意 #3,预签名 URL 是有时间限制的。

解决方案2
 0  2020-03-03 14:40:08

You don't need to store URL.您不需要存储 URL。 You can query objects in S3 bucket using file name.您可以使用文件名查询 S3 存储桶中的对象。

For access from outside Use signed url.对于从外部访问使用签名的 url。

https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/s3-example-presigned-urls.html https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/s3-example-presigned-urls.html

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 从 AWS S3 存储桶在 Express 中提供 static 个文件 - Serve static files in Express from AWS S3 bucket 将文件从一个 AWS 帐户的 S3 存储桶复制到另一个 AWS 帐户的 S3 存储桶 + 使用 NodeJS - Copy files from one AWS account's S3 bucket to another AWS account's S3 bucket + using NodeJS 在 AWS S3 存储桶上上传大文件 - Uploading Large Files on AWS S3 bucket 从节点访问s3存储桶 - Accessing a s3 bucket from Node 来自 s3 存储桶的 Stream 个视频文件 - Stream video files from s3 bucket AWS S3 Node.js SDK:需要一次从一个存储桶下载所有文件 - AWS S3 Node.js SDK: Need to Download all files from one bucket at once 如何将您的网站列入白名单以便能够查看 AWS S3 存储桶中的文件? - How to whitelist your website to be able to view files from AWS S3 bucket? 无法将文件上传到私有 aws S3 存储桶 - Can`t upload files to a private aws S3 bucket 使用 lambda 扫描 AWS S3 存储桶中的文件以查找病毒 - Scan files in AWS S3 bucket for virus using lambda Amazon S3-从Node.js SDK访问存储桶 - Amazon S3 - accessing bucket from nodejs SDK
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM