可以授予对我的 Amazon S3 存储桶中某些对象的公共读取访问权限吗?
[英]is it okay grant public read access to some objects in my Amazon S3 bucket?
问题描述
I store profile pictures in the s3 bucket and I store the aws URL in my database.
我将个人资料图片存储在 s3 存储桶中,并将 aws URL 存储在我的数据库中。 when I need the profile picture I set the URL in the database into image tag.for this I set s3 bucket policy as public for read access.is this is a good idea or is there any other way to do this?当我需要个人资料图片时,我将数据库中的 URL 设置为图像标签。为此,我将 s3 存储桶策略设置为公开以进行读取访问。这是一个好主意还是有其他方法可以做到这一点?
1 个解决方案
解决方案1
1 已采纳 2020-04-06 07:53:44
One way of going around making a bucket publicly accessible is to:使存储桶可公开访问的一种方法是:
- put all your image files under one 'folder'将所有图像文件放在一个“文件夹”下
- create a CloudFront Distribution that serves only from that folder创建仅从该文件夹提供服务的 CloudFront 分配
- only allow read access to the Identity that will be generated by the CF wizard只允许对将由 CF 向导生成的身份进行读取访问
On the back end you should be able to infer the final location of the assets, as you should know the CF endpoint at this point.在后端,您应该能够推断出资产的最终位置,因为此时您应该知道 CF 端点。
Note: you should set the CF endpoint as an env var for your backend and not hardcode it.注意:您应该将 CF 端点设置为后端的环境变量,而不是对其进行硬编码。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.