Reputation: 720
Protect s3 Object from Public
I want to protect my s3 object from Public access and the object can only be accessed from my origin. How can I do that? I tried by setting Objects Access control to Private, then Set in the buckets CORS settings, Allowed origin to my origin with the method GET but I'm getting an error while accessing the object.
How do I set the bucket to access the bucket objects only from my origin?
Upvotes: 0
Views: 115
Answers (1)
Reputation: 270154
It sounds like you might be asking how to make an Amazon S3 bucket accessible to a specific Amazon CloudFront distribution.
From Restricting Access to Amazon S3 Content by Using an Origin Access Identity - Amazon CloudFront:
To restrict access to content that you serve from Amazon S3 buckets, follow these steps:
- Create a special CloudFront user called an origin access identity (OAI) and associate it with your distribution.
- Configure your S3 bucket permissions so that CloudFront can use the OAI to access the files in your bucket and serve them to your users. Make sure that users can’t use a direct URL to the S3 bucket to access a file there.
After you take these steps, users can only access your files through CloudFront, not directly from the S3 bucket.
Upvotes: 1
Related Questions
- Block S3 public access at account level
- Restricting access to S3 objects unless url is signed
- How to restrict the public access
- Block all objects' public access in S3 by CLI
- AWS: Provide a limited and secure access to S3 object
- Deny Amazon S3 buckets and objects from being public
- protect S3 with a firewall
- Denying direct access to AWS S3 Object
- Restrict world access to Amazon S3 URLs
- How to restrict Amazon S3 API access?