带有 Cloudfront SignedURL 的 S3
S3 with Cloudfront SignedURL
我是 Node.js 的新手,目前正在使用 aws-cloudfront-sign 软件包。它正在处理 public 个存储桶。但是当我使用私人文件夹时,它说访问被拒绝。
var cf = require('aws-cloudfront-sign');
var options = {
keypairId: KEY,
privateKeyPath: PATHTOPEMFILE
};
cf.getSignedUrl(CLOUDFRONTURL + directory + file, options);
它 return 一个已签名的 URL,但显示访问被拒绝。我究竟做错了什么?或者,对于带有 Cloudfront SignedURL 的 S3,还有其他方法吗?谢谢
听起来你可能会混淆 signed URLs with origin access identities. Based on your description, it sounds like S3 is returning access denied to CloudFront because the folder/bucket is private. I would recommend taking a look at the documentation on configuring origin access identities,OAI。
- 创建 OAI
- 将 OAI 与分发相关联
- 更新 S3 存储桶策略以将 GetObject 授予 OAI
我是 Node.js 的新手,目前正在使用 aws-cloudfront-sign 软件包。它正在处理 public 个存储桶。但是当我使用私人文件夹时,它说访问被拒绝。
var cf = require('aws-cloudfront-sign');
var options = {
keypairId: KEY,
privateKeyPath: PATHTOPEMFILE
};
cf.getSignedUrl(CLOUDFRONTURL + directory + file, options);
它 return 一个已签名的 URL,但显示访问被拒绝。我究竟做错了什么?或者,对于带有 Cloudfront SignedURL 的 S3,还有其他方法吗?谢谢
听起来你可能会混淆 signed URLs with origin access identities. Based on your description, it sounds like S3 is returning access denied to CloudFront because the folder/bucket is private. I would recommend taking a look at the documentation on configuring origin access identities,OAI。
- 创建 OAI
- 将 OAI 与分发相关联
- 更新 S3 存储桶策略以将 GetObject 授予 OAI