Can I restrict access to S3 from a specific subdomain only?

问题

I have several subdomains that will have their own S3 bucket. Is there a way to set S3 bucket to allow GET requests only from a specific subdomain?

回答1:

Use an aws:Referer condition. From Restricting Access to a Specific HTTP Referrer:

{
  "Version":"2012-10-17",
  "Id":"http referer policy example",
  "Statement":[
    {
      "Sid":"Allow get requests originated from www.example.com and example.com",
      "Effect":"Allow",
      "Principal":"*",
      "Action":"s3:GetObject",
      "Resource":"arn:aws:s3:::examplebucket/*",
      "Condition":{
        "StringLike":{"aws:Referer":["http://www.example.com/*","http://example.com/*"]}
      }
    }
  ]
}

来源：https://stackoverflow.com/questions/32453602/can-i-restrict-access-to-s3-from-a-specific-subdomain-only

标签

amazon-s3

易学教程内所有资源均来自网络或用户发布的内容，如有违反法律规定的内容欢迎反馈！
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!