I get the client side middleware, but how do I secure a user's resources on S3?


Problem description

I get the client-side middleware - but I don't want a situation where a user accidentally or maliciously deletes the resources of other users.

How can I secure resources on S3 so that a user can only delete their resources and not the resources of any other user?

Thanks a lot

Recommended answer

I don't want a situation where a user accidentally or maliciously deletes the resources of other users

When you set up your S3 Bucket you configure the permissions that any person has on your bucket resources. If I'm not wrong, everything is treated as "private" by default.

What you also need to do is configure an IAM User and grant him access (through a Policy) to let him read and also write data in your bucket. If you do this properly, only this user can do the important thing: write. All of this resource "writing" (creating/updating/deleting) needs to be done on your server on behalf of this "IAM user" with the user key/secret credentials.

This grants you to be the only way to make changes in your S3. With this setup, your resources are secured even when your malicious users know the path to your bucket, because these users will only have the "read" access at most.

I recommend you follow this article (or this one, in case you understand Spanish) as a guide to set up your S3 bucket.

As a response to this other concern:

How can I secure resources on S3 so that a user can only delete their resources and not the resources of any other user?

All of these operations need to be handled in your server to ensure integrity/security. Your users don't need to have direct access to your resources in order to be able to modify them.

Maybe your question goes in this direction:

What if a troll user wants to change someone else's profile picture, when the system's endpoint looks like this?:

POST /users/{id}/update-photo

In this case, you could let a malicious user (let's say user id equals 10) have access to someone else's resource:

/**
* he/she could do this:
*/
POST /users/23/update-photo  // <-- id=23
/**
* instead of:
*/
POST /users/10/update-photo  // <-- id=10

How to avoid this? With auth checking and route "masking".

/**
* Instead of this:
*/
POST /users/23/update-photo // <-- user id=23
/**
* Try this kind of endpoint:
*/
POST /profile/update-photo // <-- note that we disabled the ability to specify a user id

How to recognize the user? In case of an API, through the token; in case of a web call, through the session. In this example, to identify the user you do something like this:

public function updatePhoto(Request $request)
{
    $user = auth()->user(); // <-- now we ensure the user is id=10

    // the rest of the code..
}

Of course, I'm just assuming this is one of your concerns, but this is a simple example of how this kind of validation can be implemented server-side to ensure the protection of your resources.
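
The same approach applied to deletes, as an added example that is not part of the original answer: the server builds the object key from the authenticated user's id, so a request has no way to name another user's object. The `users/{id}/{file}` key layout, the function names and the in-memory array standing in for the bucket are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical key layout (an assumption, not from the page): users/{userId}/{fileName}
function ownedKey(int $authUserId, string $fileName): string
{
    // Accept a bare file name only: no path separators, no leading dot, no control characters.
    if (!preg_match('/\A[A-Za-z0-9][A-Za-z0-9._-]{0,127}\z/', $fileName)) {
        throw new InvalidArgumentException('invalid file name');
    }
    return "users/{$authUserId}/{$fileName}";
}

// $authUserId must come from the session or token (auth()->user() in the answer's code),
// never from the URL or the request body. $deleteObject stands in for the S3 delete
// call that the server makes with its own IAM credentials.
function deleteOwnFile(int $authUserId, string $fileName, callable $deleteObject): int
{
    try {
        $key = ownedKey($authUserId, $fileName);
    } catch (InvalidArgumentException $e) {
        return 400; // rejected before any storage call is made
    }
    return $deleteObject($key) ? 204 : 404;
}

// Constructed sample data: an in-memory array standing in for the bucket.
$bucket = ['users/10/avatar.png' => 'a', 'users/23/avatar.png' => 'b'];
$deleteObject = function (string $key) use (&$bucket): bool {
    if (!array_key_exists($key, $bucket)) {
        return false;
    }
    unset($bucket[$key]);
    return true;
};

// Authenticated as user 10: file names that carry a path toward user 23 are refused,
// and a plain file name resolves only inside users/10/.
var_dump(deleteOwnFile(10, '../23/avatar.png', $deleteObject));
var_dump(deleteOwnFile(10, 'users/23/avatar.png', $deleteObject));
var_dump(deleteOwnFile(10, 'avatar.png', $deleteObject));
var_dump(array_keys($bucket));
```

In a real application the closure would be replaced by the storage client's delete call, and the prefix check stays on the server next to it.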
