stackoom
  简体   繁体   中英

How to securely use Amazon S3 in a messaging application

 原文  2017-08-11 01:45:27       amazon-web-services/ security/ amazon-s3/ aws-php-sdk/ file-security

Question

So I'm building a messaging app in Cordova and I was wondering what the best approach is to secure the image files so no one else can view them. I suppose I can just generate random filenames and store them in the database, but that feels like pseudo-security. I also know that you can createPresignedRequest() , but that's for temporary files I believe. Maybe I'm missing something, but I can't figure out a good way to do this. I'm also using the PHP SDK. Not too important for scenario, but figured I'd mention it.

1 answers

solution1
 0  2017-08-11 04:35:47

I also know that you can createPresignedRequest(), but that's for temporary files I believe.

Pre-signed links are temporary, but it doesn't matter if the object in S3 is.

You can either use pre-signed URLs or Amazon Cognito in combination with AWS IAM roles to grant certain users access to the files.

How it would work with Cognito is described on the following page: https://docs.aws.amazon.com/cognito/latest/developerguide/iam-roles.html

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to securely store images on Amazon S3 How to use Amazon Cognito with S3 for web application Securely access Amazon S3 static website? How to securely access a file in the application using s3 bucket URL How to use Amazon s3 as a Codeigniter library? How to use browser caching with Amazon S3? How to use docx gem with amazon s3? How does Instagram use Amazon S3? how to use DISTINCT in amazon s3 query How to use Amazon s3 path for listing amazon s3 folders in java
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM