Reputation: 21
Using AWS S3 to Share Folders
Use Case: shutting down on-premise WingFTP Secure Server and moving 50+ folders to AWS S3. Need to provide access to 120 end users outside my organization.
Challenges:
- How do I limit end user access to their specific folder(s) in the s3 bucket? I can't expose one users data to another.
- Do not want to spin up a 3rd party application like FileCloud (no offense to FileCloud), nor do I want to spin-up an EC2 running WingFTP.
- Lastly, not intent to set up 120+ IAM end user accounts.
Thanks for any feedback!
Scott
Upvotes: 2
Views: 3594
Answers (1)
Reputation: 270114
I congratulate you for helping to eliminate FTP from the world!
You should not give the users IAM accounts. IAM should only be used for users and applications within your own organisation.
Instead, you need a way to authenticate the end users and then give them appropriate (temporary) access to Amazon S3.
One way would be to use Amazon Cognito to authenticate users. You can then generate temporary credentials that grant access to 'their folder' within an S3 bucket. They can use these credentials with the AWS Command-Line Interface (CLI), or an application like CyberDuck or simply a web page that allows them to upload a file. If they want to automate the upload, then the CLI is the way to go.
Another way would be to have a simple application that authenticates the users (however you want to do that), then generates Pre-Signed URLs that allows them to upload files via a web page to their specific folder.
Upvotes: 2
Related Questions
- How to safely share files via amazon S3 bucket
- Share files between servers in different AWS accounts
- AWS S3 folder permission for users
- Amazon S3 Folder Level Permissions
- How to transfer files between AWS s3 and AWS ec2
- AWS S3 Bucket Access from EC2
- Access to s3 buckets
- Create a shared folder on Amazon AWS Ubuntu Linux EC2
- sync folder from ec2 to s3
- Create and connect s3 with ec2 instance