Reputation: 469
Amazon S3 storage of sensitive files
I am looking to set up a download space on s3.
I am sending an email to an authorised user to my site so that they can click a link and download a File.
I would like to keep this file hidden from public view altogether, but if I do this how exactly will I be able to assign/'tag' a file with a particular user on my website database?
Upvotes: 2
Views: 124
Answers (1)
Reputation: 13648
From AWS S3 Share an Object with Others:
All objects by default are private. Only the object owner has permission to access these objects. However, the object owner can optionally share objects with others by creating a pre-signed URL, using their own security credentials, to grant time-limited permission to download the objects.
For each object you want to share, you will need to generate a pre-signed URL, with an expiration period. This URL can then be sent to a user. This is an example of the how to generate a pre-signed URL using PHP:
$cmd = $s3Client->getCommand('GetObject', [
'Bucket' => 'my-bucket',
'Key' => 'testKey'
]);
$request = $s3Client->createPresignedRequest($cmd, '+20 minutes');
// Get the actual presigned-url
$presignedUrl = (string) $request->getUri();
how exactly will I be able to assign/'tag' a file with a particular user on my website database?
If you want to track which files have been granted access to a particular user, you could create a table that stores the userId, the bucket/key, the pre-signed URL, and an expirationDate. This would allow you and/or the user to reference the URL later. The files could be aged from the table based on the expirationDate.
Upvotes: 2
Related Questions
- What is the difference between Amazon SNS and Amazon SQS?
- Create a CSV File for a user in PHP
- Download single files from GitHub
- Returning a file to View/Download in ASP.NET MVC
- How to rename files and folder in Amazon S3?
- Import multiple CSV files into pandas and concatenate into one DataFrame
- Make a bucket public in Amazon S3