[英]Preventing hotlinking on Amazon S3 with CloudFront
我嘗試使用此存儲桶策略阻止Amazon S3上的熱鏈接媒體文件。
{
"Version": "2008-10-17",
"Id": "my-id",
"Statement": [
{
"Sid": "Allow get requests to specific referrers",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::bucketname/*",
"Condition": {
"StringLike": {
"aws:Referer": "http://sitename.com/"
}
}
},
{
"Sid": "Allow CloudFront get requests",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::amazonaccountid:root"
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::bucketname/*"
}
]
}
ACL設置為私有。 我仍然無法接受我嘗試訪問的文件。
我在這里嘗試了許多不同的策略,但它們似乎都沒有任何效果。 我試圖阻止熱鏈接的文件是.swf文件。
當我使用沒有cloudfront的確切(bucketname.s3.amazonaws.com)鏈接時,它可以工作。
以下是我使用的存儲桶策略。
{
"Version": "2008-10-17",
"Id": "http referer policy",
"Statement": [
{
"Sid": "Allow get requests referred by www.mysite.com and mysite.com",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::bucketname/*",
"Condition": {
"StringLike": {
"aws:Referer": "http://www.mysite.com/*"
}
}
}
]
}
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.