Does Amazon S3 support HTTP request with basic authentication
I would like to set up an Amazon S3 account, create a bucket, upload some data, and that this data will be available using HTTP GET with basic authentication
-
The short answer is no, not using basic auth. But here is a way that is effectively the same as basic auth, and that is easily than other solutions listed. I believe it is secure, but I don't know for sure.
You can set conditions on s3 buckets that match the headers on the request. As an example you can use the
useragent, andrefererheaders as something equivalent to username and password in basic auth. Normally the useragent is the browser, and OS (likeMozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0), and the referer is the previous webpage.Here is an example s3 bucket policy that allows putting objects, and getting objects by matching the useragent, and referer (note change:
BUCKETNAME,USERNAME,PASSWORD,AWS_REGION, andFILENAMEto your details):{ "Version": "2012-10-17", "Statement": [ { "Sid": "allow-username-and-password-access", "Effect": "Allow", "Principal": { "AWS": "*" }, "Action": [ "s3:PutObject", "s3:GetObject" ], "Resource": "arn:aws:s3:::BUCKETNAME/*", "Condition": { "StringEquals": { "aws:UserAgent": "USERNAME", "aws:Referer": "PASSWORD" } } } ] }To put a resource in the bucket you can use a curl request like this (note change:
BUCKETNAME,USERNAME,PASSWORD,AWS_REGION, andFILENAME):curl --user-agent USERNAME --referer PASSWORD --upload-file "FILENAME" --request PUT "https://s3-AWS_REGION.amazonaws.com/BUCKETNAME/FILENAME"To get use the resource you can use something like this:
curl --user-agent USERNAME --referer PASSWORD "https://s3-AWS_REGION.amazonaws.com/BUCKETNAME/FILENAME" > FILENAMEOnce again, I believe this is secure, as the useragent, and referer should be encrypted if you are using https, but please tell me if it is not.
加载中...
- 热议问题