Ruhith Udakara
Reputation: 2454
is it okay grant public read access to some objects in my Amazon S3 bucket?
I store profile pictures in the s3 bucket and I store the aws URL in my database. when I need the profile picture I set the URL in the database into image tag.for this I set s3 bucket policy as public for read access.is this is a good idea or is there any other way to do this?
Upvotes: 0
Views: 180
Answers (1)
Radu Diță
Reputation: 14171
One way of going around making a bucket publicly accessible is to:
- put all your image files under one 'folder'
- create a CloudFront Distribution that serves only from that folder
- only allow read access to the Identity that will be generated by the CF wizard
On the back end you should be able to infer the final location of the assets, as you should know the CF endpoint at this point.
Note: you should set the CF endpoint as an env var for your backend and not hardcode it.
Upvotes: 1
Related Questions
- User level permissions on Amazon s3 on Public read URL
- S3 bucket policy: allow full access to a bucket and all its objects
- How do you allow granting public read access to objects uploaded to AWS S3?
- Allowing public-read and bucket-owner-full-control in S3
- Is an Amazon S3 publicly readable bucket bad
- S3 grant object access to users
- AWS s3 "public access"
- AWS S3 ACL public-read-write: security concern
- Is my S3 bucket publicly writable?
- Bucket permissions on Amazon