我只能限制从特定子域访问S3吗? [英] Can I restrict access to S3 from a specific subdomain only?
本文介绍了我只能限制从特定子域访问S3吗?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我有几个子域,它们将拥有自己的S3存储桶.有没有一种方法可以将S3存储桶设置为仅允许来自特定子域的GET请求?
I have several subdomains that will have their own S3 bucket. Is there a way to set S3 bucket to allow GET requests only from a specific subdomain?
推荐答案
使用 aws:Referer
条件.来自限制对特定HTTP引荐来源网址的访问:
{
"Version":"2012-10-17",
"Id":"http referer policy example",
"Statement":[
{
"Sid":"Allow get requests originated from www.example.com and example.com",
"Effect":"Allow",
"Principal":"*",
"Action":"s3:GetObject",
"Resource":"arn:aws:s3:::examplebucket/*",
"Condition":{
"StringLike":{"aws:Referer":["http://www.example.com/*","http://example.com/*"]}
}
}
]
}
这篇关于我只能限制从特定子域访问S3吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文