I'd like to host my photo galleries on Amazon S3. Some would be public, some password-protected. What is the best way to achieve this? As far as I know S3 doesn't supports .htaccess files.
Thanks,
Istvan
It is "possible" to manage user permissions in S3 natively, but it's not really practical or scalable.
A much more practical solution (in my opinion) is to manage authentication and permissions in some other web application and then have that application provide temporary (expiring) links to the files in S3.
Related
Users can upload documents through the my site. It it stored in a private AWS S3 bucket. If they want to preview those uploaded files from my site, I generate a pre-signed URL and stick it in an <embed> tag. I was wondering if this is the best way to do this?
It currently works most of the time, however a few users don't get the preview, instead their browser wants to download the file. Mostly on Windows machines.
Any insight or help would be greatly appreciated!
My media storage is Openstack object storage (swift) in the cloud (OVH).
Regarding the user-rights on the uploaded media:
Images [A] are viewable by all users, but only deletable by
user-owner/ uploader.
Images [B] are very private. CRUD by user-owner/ uploader and
viewable by some other users.
I looked around for solutions and came across pre-signed (temporary) urls., see also this article.
I was wondering whether this provides an acceptable security level. An alternative I could think of is authenticating all users via openstack's authentication module, Keystone. But maybe that's just completely stupid and/ or overkill. I started to look in that direction as it might be similar to AWS S3 use of IAM policies.
My questions:
Is the pre-signed url solution the way to go? And if not why not?
How would processing images (creating thumbnails) look like? You
grab it from the storage, process and store it back and delete local
versions, I suppose?
I'm evaluating potential content management systems I want to use for a project. Many of the users will need to upload static files and include links to the in their posts.
In the Admin UI I can only see the ability to upload an image in a post. Does anyone know if it is possible to upload files to Keystone through the Admin UI?
You could use their Amazon S3 storage adapter. Depending on which version of Keystone you're using (3 or 4), you'll have to do some different things. Either way, you need to make some credentials for Amazon S3's service and configure Keystone to work with it. From there, you can use Types.S3File to allow a certain part of your MongoDB model to be a reference to an S3 object. See this page for more info on the S3File type in Keystone.
We are developing a mobile app using Parse as our BAAS solution but using Amazon S3 for storage of our media files. All of our users upload media files into their own individual folders inside of our app's bucket. As the user uploads media files we update their records in Parse so it knows where to download the files. That's the easy part.
I've spent quite a bit of time researching the different policies for S3 buckets and I am trying to get a grip on the proper way to ensure the security of the content uploaded. If you do all of your work with DynamoDB or SimpleDB then it's easy because you're essentially adjusting your ACLs with the IAM accounts and whatnot. If you use Amazon Cognito it's also easy because authentication happens through Google, Facebook or Amazon accounts. In my case I am using Parse to authenticate users which cannot speak to Amazon directly.
My goal is that only the currently logged in Parse user with ID #1234567 can access their own 1234567 folder and files (as well as any other user given permission by this person for collaboration). Here is a post similar to what I'm trying to accomplish: amazon S3 bucket policy - restricting access by referer BUT not restricting if urls are generated via query string authentication
...but how do I accomplish this with the current user's ID number?
Even better question is whether that post mentioned above is best practice or should I instead be looking at creating an EC2 server to handle access to these files? Should I be looking at CloudFront to serve private content? Or is there another method that works better for what I am trying to accomplish? I am going in circles and my head is spinning.
Thanks to whoever can help straighten me out.
Well since Parse is being shut down I am migrating to another service. This question is no longer relevant.
I have an amazon s3 account. As i am expecting a large amount of traffic to my site i want to put the videos to be placed in my s3 account and stream it up to my website. How can i do that?
Thanks
Prady
The simplest way is to upload it using the AWS Management Console for S3, use that to set its permissions to be publicly accessible, and then just access the usual S3 URL for it:
http://bucket-name.s3.amazonaws.com/key-name
Depending on exactly how much traffic you're getting, you can look into using Amazon's CloudFront distribution network. That will speed things up for your users, especially if they span the globe.