AWS S3 on multiple devices

OK, so I am new to AWS. I want to make an app that will store a small amount of user data. S3 seems to be the way to store data. Is there a way to make multiple storage spaces automatically with S3? Let's say I make an Android app and people install it on their phone. Will they each automatically get an S3 storage space? How do I do that? Thanks.

You can create an S3 bucket for your project with folders (depending on the architecture, there can be one per customer). This way, you will have an instance of the S3 service with all your user data.

Amazon S3 is simply an object-storage system. How you use it is totally up to you.

If you wish to store information on a per user basis, then you need to consider security in addition to how the data is stored.

If the intention is that a user can access some information that is private to them (as opposed to being publicly visible to anyone), then you first need to control access to data.

  • For public information, no authentication is necessary
  • For private information, something needs to determine what they are allowed to access, and then grant access

You should not give permanent AWS Credentials (Access Key, Secret Key) to every user. These credentials are only for your IT operations staff (you!) and for your applications.

This leaves two options:

  • Your central server could generate temporary access credentials using the AWS Secure Token Service, while specifying what access rights they have (e.g. access to a particular S3 bucket and path, or to other AWS services such as DynamoDB). OR
  • Generate pre-signed URLs for specific objects stored in Amazon S3.

Based upon your use-case, it seems a better fit to use pre-signed URLs. Basically, the flow is:

  • Your app would send a request to your central server, requesting access to an object.
  • The server (or rather, the app you have written that is running on a central server) verifies their identity and confirms that they should be allowed access to the object stored in Amazon S3.
  • The central server then generates a pre-signed URL that grants time-limited access to an object in Amazon S3 and sends the URL back to the client app.
  • The client app then uses the URL to retrieve the data from Amazon S3.

Only the app running on your central server requires AWS credentials. It then uses those credentials to generate pre-signed URLs that can be used by the client apps.

By the way, the app on the central server doesn't actually need to be running on a server. You could use AWS API Gateway to send requests to AWS Lambda functions, which can perform the logic and send back the response. This would be a serverless solution, but still with centralized logic.
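
The server-side half of the pre-signed URL flow described above, as an added example that is not part of the original answers: the central server checks that the object key sits under the caller's own prefix, then signs a five-minute GET URL using Signature Version 4 query parameters. It uses only the Python standard library so it runs offline; the bucket name, region, credentials, the `users/<user_id>/` key layout and the function names are all constructed assumptions.

```python
import datetime, hashlib, hmac
from urllib.parse import quote

# Constructed placeholders: real values come from the server's IAM role or
# environment and never ship inside the mobile app.
ACCESS_KEY = "EXAMPLEACCESSKEYID"
SECRET_KEY = "constructed-secret-key-for-illustration"
BUCKET, REGION = "example-app-user-data", "us-east-1"

def _hmac(key: bytes, msg: str) -> bytes:
    return hmac.new(key, msg.encode(), hashlib.sha256).digest()

def presign_get(key: str, expires: int = 300, now=None) -> str:
    """Build a SigV4 query-string-signed GET URL for one S3 object."""
    now = now or datetime.datetime.now(datetime.timezone.utc)
    amz_date, day = now.strftime("%Y%m%dT%H%M%SZ"), now.strftime("%Y%m%d")
    host = f"{BUCKET}.s3.{REGION}.amazonaws.com"
    scope = f"{day}/{REGION}/s3/aws4_request"
    uri = "/" + quote(key, safe="/")
    params = {
        "X-Amz-Algorithm": "AWS4-HMAC-SHA256",
        "X-Amz-Credential": f"{ACCESS_KEY}/{scope}",
        "X-Amz-Date": amz_date,
        "X-Amz-Expires": str(expires),  # lifetime of the URL in seconds
        "X-Amz-SignedHeaders": "host",
    }
    query = "&".join(f"{k}={quote(v, safe='')}" for k, v in sorted(params.items()))
    # Canonical request: method, path, query, headers, signed headers, payload.
    canonical = f"GET\n{uri}\n{query}\nhost:{host}\n\nhost\nUNSIGNED-PAYLOAD"
    to_sign = "\n".join(["AWS4-HMAC-SHA256", amz_date, scope,
                         hashlib.sha256(canonical.encode()).hexdigest()])
    # Derive the signing key: secret -> date -> region -> service -> terminator.
    k = ("AWS4" + SECRET_KEY).encode()
    for part in (day, REGION, "s3", "aws4_request"):
        k = _hmac(k, part)
    sig = hmac.new(k, to_sign.encode(), hashlib.sha256).hexdigest()
    return f"https://{host}{uri}?{query}&X-Amz-Signature={sig}"

def url_for_user(user_id: str, key: str, now=None) -> str:
    """Authorization step: a user may only fetch objects under their own prefix.

    user_id is assumed to come from an already verified login session.
    """
    if not user_id.isalnum() or not key.startswith(f"users/{user_id}/"):
        raise PermissionError(f"{user_id!r} may not read {key!r}")
    return presign_get(key, expires=300, now=now)
```

In a deployed service the AWS SDK performs the signing (for example boto3's `generate_presigned_url`); the prefix check before signing is the part the application has to supply itself.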
