S3 Uploads requiring public access
-
Is there anyway around this?
I am using the s3-upload-updated plugin and it's uploading and displaying fine in the forum, but it requires the file have public access in AWS.
Is there anyway to restrict this so you can only view the image/file within the forum?
-
I think you should configure the S3 Bucket's policies.
I think, but I'm not sure since I just googled it, should be something like:
{ "Version": "2008-10-17", "Id": "preventHotLinking", "Statement": [ { "Sid": "1", "Effect": "Allow", "Principal": { "AWS": "*" }, "Action": "s3:GetObject", "Resource": "arn:aws:s3:::my-brand-new-bucket/*", "Condition": { "StringLike": { "aws:Referer": [ "http://yourwebsitename.com/*", "http://www.yourwebsitename.com/*" ] } } } ] }
-
@CJ-Infantino said in S3 Uploads requiring public access:
Is there anyway to restrict this so you can only view the image/file within the forum?
Off the top of my head, I think the only way to use offline storage like s3 would be to mount it as a network drive, and Symlink it in your uploads folder, since that's how you could control access to only people that are logged in
-
@CJ-Infantino I added a
bucket policythat restricts all hotlinking except from my site itself. I am using aDenywith aStringNotLikecondition.This is what works for me:
{ "Version": "2008-10-17", "Id": "preventHotLinking", "Statement": [ { "Sid": "Allow get requests referred by example.com", "Effect": "Deny", "Principal": { "AWS": "*" }, "Action": "s3:GetObject", "Resource": "arn:aws:s3:::exampleBucket/*", "Condition": { "StringNotLike": { "aws:Referer": [ "http://example.com/*", "https://example.com/*" ] } } } ] }
