Reputation: 21
Use Case: shutting down on-premise WingFTP Secure Server and moving 50+ folders to AWS S3. Need to provide access to 120 end users outside my organization.
Challenges:
Thanks for any feedback!
Scott
Upvotes: 2
Views: 3594
Reputation: 270114
I congratulate you for helping to eliminate FTP from the world!
You should not give the users IAM accounts. IAM should only be used for users and applications within your own organisation.
Instead, you need a way to authenticate the end users and then give them appropriate (temporary) access to Amazon S3.
One way would be to use Amazon Cognito to authenticate users. You can then generate temporary credentials that grant access to 'their folder' within an S3 bucket. They can use these credentials with the AWS Command-Line Interface (CLI), or an application like CyberDuck or simply a web page that allows them to upload a file. If they want to automate the upload, then the CLI is the way to go.
Another way would be to have a simple application that authenticates the users (however you want to do that), then generates Pre-Signed URLs that allows them to upload files via a web page to their specific folder.
Upvotes: 2