我是否必须为 AWS S3 上的每个图像都签名 URL?
Do I have to get a signed URL for every image on AWS S3?
假设我有一个像 Instagram 这样的社交媒体应用程序。我是否必须为每张图片都签名 URL?
每个用户看到大约 100 张图像,这是否意味着它必须为每个用户获得 100 个烧焦的 URL?
要创建整个 Amazon S3 存储桶“public”(或存储桶内的路径),请使用 存储桶策略。
来自Bucket policy examples - Amazon Simple Storage Service:
The following example policy grants the s3:GetObject permission to any public anonymous users. This permission allows anyone to read the object data, which is useful for when you configure your bucket as a website and want everyone to be able to read objects in the bucket.
{
"Version":"2012-10-17",
"Statement":[
{
"Sid":"PublicRead",
"Effect":"Allow",
"Principal": "*",
"Action":["s3:GetObject","s3:GetObjectVersion"],
"Resource":["arn:aws:s3:::DOC-EXAMPLE-BUCKET/*"]
}
]
}
在使用存储桶策略向匿名用户授予只读权限之前,您必须禁用存储桶的“阻止”Public 访问设置。
假设我有一个像 Instagram 这样的社交媒体应用程序。我是否必须为每张图片都签名 URL? 每个用户看到大约 100 张图像,这是否意味着它必须为每个用户获得 100 个烧焦的 URL?
要创建整个 Amazon S3 存储桶“public”(或存储桶内的路径),请使用 存储桶策略。
来自Bucket policy examples - Amazon Simple Storage Service:
The following example policy grants the
s3:GetObjectpermission to any public anonymous users. This permission allows anyone to read the object data, which is useful for when you configure your bucket as a website and want everyone to be able to read objects in the bucket.
{
"Version":"2012-10-17",
"Statement":[
{
"Sid":"PublicRead",
"Effect":"Allow",
"Principal": "*",
"Action":["s3:GetObject","s3:GetObjectVersion"],
"Resource":["arn:aws:s3:::DOC-EXAMPLE-BUCKET/*"]
}
]
}
在使用存储桶策略向匿名用户授予只读权限之前,您必须禁用存储桶的“阻止”Public 访问设置。