I have audio files stored at Amazon S3 which are accessed from a web based music player app and also from mobile apps. Even non signed in users should be able to access the
I've come across this requirement too and have a more updated answer on how to achieve this.
On your bucket's "Permission" tab, select the "Bucket Policy" button and fill with the code below:
{
    "Version": "2012-10-17",
    "Id": "Policy1542209806458",
    "Statement": [
        {
            "Sid": "Explicit deny to ensure requests are allowed only from specific referer.",
            "Effect": "Deny",
            "Principal": "*",
            "Action": "s3:*",
            "Resource": "arn:aws:s3:::your-bucket-arn/*",
            "Condition": {
                "StringNotLike": {
                    "aws:Referer": [
                        "http://yourdomain.com/*"
                    ]
                }
            }
        }
    ]
}
This will allow only requests with the referer from your domain. Be sure to set your Resource field and change the allowed aws:Referer list.
This can still be spoofed, but it's a simple barrier against direct linking to your S3 objects.
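To see which requests the Deny statement in the answer above rejects, here is a small local evaluator, added as an example and not part of the original answer. It models only the StringNotLike test on aws:Referer (Principal, Action and Resource are assumed to match, and a Deny by itself grants nothing); the function names and sample requests are constructed for illustration.

```python
import json
import re

# Policy from the answer above; bucket name and domain are its placeholders.
POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Deny",
    "Principal": "*",
    "Action": "s3:*",
    "Resource": "arn:aws:s3:::your-bucket-arn/*",
    "Condition": {"StringNotLike": {"aws:Referer": ["http://yourdomain.com/*"]}}
  }]
}
""")

def iam_like(pattern, value):
    """IAM StringLike: case-sensitive, '*' = any run of chars, '?' = one char."""
    regex = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(regex, value, re.DOTALL) is not None

def deny_applies(policy, referer):
    """True if a Deny statement matches; referer is the header value or None."""
    for stmt in policy["Statement"]:
        if stmt["Effect"] != "Deny":
            continue
        patterns = stmt["Condition"]["StringNotLike"]["aws:Referer"]
        # Negated operator: an absent key counts as "not like", so it denies.
        if referer is None or not any(iam_like(p, referer) for p in patterns):
            return True
    return False

# Constructed sample requests: (description, Referer header or None)
SAMPLES = [
    ("player page over http", "http://yourdomain.com/player"),
    ("same page over https", "https://yourdomain.com/player"),
    ("www subdomain", "http://www.yourdomain.com/player"),
    ("mobile app, no Referer header", None),
    ("other site embedding the file", "http://other.example/page"),
    ("any client sending a matching header", "http://yourdomain.com/x"),
]

def evaluate_samples():
    return {desc: ("DENY" if deny_applies(POLICY, ref) else "not denied")
            for desc, ref in SAMPLES}

if __name__ == "__main__":
    print(json.dumps(evaluate_samples(), indent=2))
```

The https and www rows are denied because the list contains only the `http://yourdomain.com/*` pattern, so every scheme and host variant the player is served from needs its own entry; requests with no Referer header at all are denied as well.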