Reputation: 24069
Canned vs Custom - Signed URLs
I need to serve private content through S3 and was wondering the differences between a canned and custom policy.
I know the docs state that canned is for a single object and custom can be for one or more objects, but i was wondering with custom, is the same rule applied to all objects.
In my application I need to secure around 100 PDF docs, each doc will have a different expiry time.
Now do I need to use custom, or will this not work as each doc has a different expiry time, so should I use canned for each doc individually?
Upvotes: 0
Views: 479
Answers (1)
Reputation: 61
Using a single custom policy it will not work for your use case. The times are a part of the policy, which means each one of your PDFs will need a different policy So, unless you need the extra features available with custom policies, Canned is probably easier and more convenient.
Upvotes: 1
Related Questions
- What is difference between Pre-Signed Url and Signed Url?
- Cloudfront vs S3 signed URL and Boto3
- When to use S3 Presigned Url vs Upload through Backend
- S3-backed CloudFront and signed URLs
- Amazon S3 pre-signed URLs
- S3 Restriced URLs vs. Cloudfront Signed URLs
- aws s3 iam user vs signed urls
- Cloudfront private content + signed urls architecture
- Cloudfront URL vs S3 URL on AWS
- Cloudfront signed urls for EACH user: IP address vs. public key