允许第三方用户将文件上传到您的AWS S3 fs中 [英] Allowing third party users to upload files into your AWS S3 fs

问题描述

我在这里遇到了一个非常棘手的问题:我需要允许网站的用户将非常大的文件上传到他们的账户，并且我想将这些文件存储在AWS S3文件系统上.我不能只是编写一个Web服务来接收它们并将它们保存在S3 fs中，因为在上传过程中各种事情都可能出错，并且我需要一个复杂的上载器客户端.亚马逊提供的那种将文件上传到S3的客户端，但是我当然不能让用户直接访问它.我对此表示衷心的感谢！

I have a pretty tough problem here: I need to allow the users of my site to upload very large files to their accounts and I want to store these files on a AWS S3 filesystem. I can't just write a web service to receive these and save them in the S3 fs, because all kinds of things can go wrong during the upload and I need a sophisticated uploader client. The kind of client that Amazon provides to upload files into S3, but of course I can't give my users direct access to that. I'd seriously appreciate any ideas for this!

谢谢

推荐答案

最佳做法是让您的客户端应用程序直接上传到S3，而不是通过您自己的Web基础结构.这将利用S3的以太大规模并行特性，并减轻Web基础架构的负担.卸载基础架构将允许使用较少的实例或较小的实例来提供相同数量的流量.因此，您的基础设施成本更低.

Best practice would be to let your client application to upload directly to S3, not flowing through your own web infrastructure. This would leverage ether massive parallel nature of S3 and off-load your web infrastructure. Offloading your infrastructure will allow to use less instances or smaller instances to serve the same amount of traffic. Hence a lower infrastructure cost for you.

您需要编写一个S3 IAM策略，以限制每个用户对S3上自己的目录"(也称为键前缀)的访问权限

You would need to write an S3 IAM Policy that would limit access for each of your user to their own "directory" (aka key prefix) on S3

查看此博客文章: http://blogs.aws.amazon.com/security/post/Tx1P2T3LFXXCNB5/Writing-IAM-policies-Grant-access-to-user-亚马逊S3-bucke中的特定文件夹

如果您的应用程序是Web应用程序，则甚至可以让客户的浏览器直接上传到S3.请参阅 http://docs.aws，了解如何安全地实施此操作. amazon.com/AmazonS3/latest/API/sigv4-UsingHTTPPOST.html

If your application is a web app, you can even let your customers' browsers upload directly to S3. See how to implement this securely at http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-UsingHTTPPOST.html

关于您的问题的最后一点说明:S3不是文件系统，S3是对象存储.在

Just a last note about your question : S3 is not a file system, S3 is an object store. Read more about the differences between object storage and file system at http://www.infoworld.com/article/2614094/data-center/what-is-object-storage-.html

这篇关于允许第三方用户将文件上传到您的AWS S3 fs中的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！