How to enable aws s3 bucket content only for public service of a specific domain?

Question

How to enable aws s3 bucket content only for public service of a specific domain?

I use aws s3 to store images on the site and video content. Links to files from s3 are directly output to html / php.

The problem is that some other sites are linked to my image / video, which greatly increased the use of s3 traffic, and, of course, increased the payment account.

I know that in some cases, people use the referential header to ban links to external sites. But in this case, the image / video comes directly from s3, and not from my domain.

Can someone help to achieve this? Thanks.

+4

amazon-s3 amazon-web-services

Qishan Feb 16 '12 at 15:13

source share

1 answer

Abhinav verma · Answer 1 · 2014-10-15T12:52:31+0000

You can use the Amazon cart policy, for example:

{ "Version": "2012-10-17", "Id": "http referer policy example", "Statement": [ { "Sid": "Allow get requests originated from www.example.com and example.com", "Effect": "Allow", "Principal": "*", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::examplebucket/*", "Condition": { "StringLike": { "aws:Referer": [ "http://www.example.com/*", "http://example.com/*" ] } } } ] }

which is explained in detail in: http://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html

How to enable aws s3 bucket content only for public service of a specific domain?

More articles: