[英]Accessing files from AWS S3 Bucket
I am using NodeJS to upload a file into my S3 bucket.我正在使用 NodeJS 将文件上传到我的 S3 存储桶中。 As a response I receive a link to the file.作为回应,我收到了该文件的链接。
For example I receive https://my-bucket-name.s3.ap-south-1.amazonaws.com/testUpload_s.txt
例如我收到https://my-bucket-name.s3.ap-south-1.amazonaws.com/testUpload_s.txt
The bucket does not allow public access as of now.该存储桶目前不允许公开访问。 How am I supposed to securely access the file from the bucket?我应该如何安全地访问存储桶中的文件? I would like to know whether the the following method be safe?我想知道以下方法是否安全?
Allow public access for bucket允许公共访问存储桶
Each file will be given a random unique name during upload在上传过程中,每个文件将被赋予一个随机的唯一名称
This file name or the response URL is stored in the database此文件名或响应 URL 存储在数据库中
Is this approach safe?这种方法安全吗? If not is there any other method to do the same?如果没有,还有其他方法可以做到这一点吗?
There are a number of options for giving clients access to an object in S3, including:有许多选项可以让客户端访问 S3 中的对象,包括:
They each serve a different use case.它们各自服务于不同的用例。 Use #1 if it's safe for anyone to access the file (for example the file is an image being shown on a public web site).如果任何人都可以安全访问该文件(例如,该文件是在公共网站上显示的图像),请使用 #1。 Use #2 if the client has AWS credentials.如果客户端具有 AWS 凭证,请使用 #2。 Use #3 if you don't want to make the file public but the client does not have AWS credentials.如果您不想公开文件但客户端没有 AWS 凭证,请使用 #3。 Note with #3 that the pre-signed URL is time-limited.请注意 #3,预签名 URL 是有时间限制的。
You don't need to store URL.您不需要存储 URL。 You can query objects in S3 bucket using file name.您可以使用文件名查询 S3 存储桶中的对象。
For access from outside Use signed url.对于从外部访问使用签名的 url。
https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/s3-example-presigned-urls.html https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/s3-example-presigned-urls.html
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.