Reputation: 15889
Best Practices in Protecting Amazon S3 Files?
For example, I have a website with User A and B. Both of them can login to my website using my own login system.
How do I make certain files from S3 accessible only to User A once he login to my website?
Note: I saw "Permission" in AWS Management Console with "Authenticated Users" option but it seems that it's meant for other S3 users only, is it something I can use to achieve my goal?
Upvotes: 2
Views: 1525
Answers (1)
Reputation: 7200
You need to use Amazon IAM - you can define what part of any S3 bucket A can see, as well as B and each will not have access to do 'anything'. In general you should never use the account ID and secret for anything, always make an IAM user have just whats needed to run your stuff. The admin user likely does not need EC2 or SQS, or SimpleDB, etc.
Federated access is great for allowing arbitrary users to sign into your website and only be granted access for say 12 hours. They get special AWSIDs for that access that will work only on the section of S3 you let them look at.
Upvotes: 1
Related Questions
- What is the most secure option for storing highly sensitive / private files in S3?
- What's the alternatives to keep my s3 buckets secure in AWS?
- How to securely store images on Amazon S3
- Hardening S3 bucket
- AWS S3: General practice on limiting users access to only their folders?
- amazon s3 for downloads how to handle security
- S3. How to protect my storage from many files upload by authorised users
- Protecting Amazon S3 Files for User-Specific display
- Best way to protect resources hosted on Amazon S3?
- Proper way to manage stored documents on Amazon S3