I am quite familiar with EC2 instances, IAM's (users, roles, groups), S3 buckets and policies and hope the community can help me here.
Let's assume I have an EC2 instance with a webserver running. This EC2 instance hosts a web video player (video js, JWPlayer etc.). Ideally I would like to host an MP4 on a S3 bucket without making the S3 bucket public.
My initial thought was that I could either create a role with full access to the S3 bucket or assign a policy to the bucket that allows the instance to have access.
I have tried many policies and roles but neither seem to work. Now I am wondering if this is even possible.
I understand that this architecture is not perfect and that you would potentially use cloudfront to serve the video. However, this is just a proof of concept...if possible. Thank you guys!!
This is the perfect use-case for an Amazon S3 pre-signed URL , which provides time-limited access to a private object. It completely offloads the traffic to S3, making it highly scalable for serving content.
Basically:
<img src="...">
Yes, a user can share the link with other people, but it expires after the given time period.
You can also Serve Private Content through CloudFront , which can work better for many media players because it can serve streaming media .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.