Reputation: 42013
I'd like to securely display a grid of thumbnail images to an authenticated user on our site. All the images will be stored in Amazon S3.
One way, I suppose, is to implement "security by obscurity" by uploading these images with public read access, and making the keys long and random.
I also could set up ACLs, but then I'd have to disclose the access key in the URL (I think), or pull the image into my application via the API and display it securely through the web server.
Is there a preferred way to do this? And to be able to display the images quickly without requiring tremendous requests to S3 from the server every time a page is generated?
Thanks in advance
Upvotes: 1
Views: 537
Reputation: 84114
You can generate URLs to S3 with an expiry date. Generating such a URL does not require a request to S3 and does not result in the disclosure of your secret key: you use your secret key to generate a signature that is appended to the URL (the access key ID is in that URL, but that's OK).
See the docs on query string authorization.
Upvotes: 2