Reputation: 1382
Turning off public access to AWS S3 bucket
I understand that you can grant read/write to internal AWS account resources like lambda when you turn off public access. However what if I need to be able to read an S3 object from an external host, via the S3 URL? Sure I know I could add a public API endpoint to serve up the S3 asset. However if I use something like <img src=""/> that doesn't help me. If I try to perform a GET on the S3 url at this point, I get a 403. I'm wondering in this case that I have to leave 'public access' on?
Upvotes: 0
Views: 112
Answers (1)
Reputation: 270114
There are two ways to access objects in private Amazon S3 buckets.
Use S3 API calls
You can use API calls using the AWS CLI or an AWS SDK. These API calls require AWS credentials that have GetObject permission to access the bucket. They do not require the bucket to be public.
Use a pre-signed URL
Alternatively, you can generate an Amazon S3 pre-signed URL, which provides time-limited access to private objects in Amazon S3. The URL can be used in <img src=...> tags.
The pre-signed URL can be generated in a few lines of code without the need to call AWS. It is basically a hashed signature that uses some AWS credentials to authorise access to the private object. This option appears most suitable for your use-case.
Upvotes: 1
Related Questions
- Cannot load expo dev app on real device: There was a problem loading the project
- Bare Expo app unable to build when created first time (Expo SDK 42)
- react native expo blank white screen after splash screen
- Expo React Native app crashes on Android but works in Expo Go
- Expo iOS build crashing on splash screen
- Expo standalone application stuck on splash screen after build
- White screen after migration to Expo
- Why Expo can not load the project in react-native app?
- I cannot run React Native app on expo environment on Android
- React-native app with expokit crash on android release build