如何通过要求凭证限制在Amazon S3上对我的静态网站的访问 [英] How do I Restrict Access to My Static Website on Amazon S3 by asking for Credentials

问题描述

我正在AmazonS3上托管静态网站( http://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html ).

I'm hosting a Static Website on AmazonS3 (http://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html).

但是，我只希望通过授权用户并随后对其进行身份验证来授予对我的页面的访问权限.

However, I wish to grant access to my page ONLY by authorizing and subsequently authenticating users.

我可以使用哪些可用的服务(Heroku等)?我希望使用他们的社交网络ID(facebook，twitter等)进行登录.

What services are available (Heroku, etc.,) that allows me to do that? I would like the option of having login using their social networking IDs (facebook, twitter, etc.,).

感谢您对此的指导.

推荐答案

您描述的场景不能仅通过Amazon S3来实现.

The scenario you describe cannot be achieved purely via Amazon S3.

Amazon S3中有可用的安全性，但它使用以下两种方式之一:

While there is security available in Amazon S3, it uses either:

• AWS凭证(不应颁发给您的应用程序用户)，或
• 预签名URL 授予用户临时访问权限Amazon S3中的对象(但它们需要由应用程序生成)

• AWS credentials (that should not be issued to your application users), or
• Pre-Signed URLs that grant users temporary access to objects in Amazon S3 (but they need to be generated by an application)

您将需要一个应用程序，该应用程序接受他们的登录并验证他们被允许的访问级别.然后，该应用程序可以生成预签名的URL，以授予对Amazon S3中特定对象的访问权限.提供此类应用程序的传统方式是在Amazon EC2上运行的网络服务器上. (一种替代方法是使用无服务器代码.这是

You will need an application that accepts their login and verifies the level of access they are permitted. The application can then generate pre-signed URLs to grant access to specific objects in Amazon S3. The traditional way to provide such an application is on a web server running on Amazon EC2. (An alternative is to use Serverless code. Here is an example)

您可以使用 Web身份联盟通过以下方式对用户进行身份验证Facebook，Google和Amazon，作为上述过程的一部分.

You could use Web Identity Federation to authenticate users via Facebook, Google and Amazon, as part of the above process.

这篇关于如何通过要求凭证限制在Amazon S3上对我的静态网站的访问的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！