Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

AWS S3 + Django: Files stored in S3 accesible by user

Tags:

I have a (django) web application running in my own server. It has users, permissions and all that.

Each user is able to upload files to my platform. A new entry is created in my DB for each file uploaded and the file is then stored in AWS S3.

Currently the bucket is set to public, so this means that anyone has access to any file in the bucket if they know the url, which is not ideal.

What i want to do is to restrict the access to the files so that only the user who uploaded it has access to them (and only when they are logged in to my platform).

Does anyone know if there is a solution for this? If so, how?

I have been looking into this, but i still have no clue how to implement it or if it is actually what im looking for. http://blogs.aws.amazon.com/security/post/Tx1P2T3LFXXCNB5/Writing-IAM-policies-Grant-access-to-user-specific-folders-in-an-Amazon-S3-bucke

like image 989
Agey Avatar asked Jun 09 '16 20:06

Agey


1 Answers

This can be done very easily. Please follow this exact procedure mentioned here in this article.

http://www.gyford.com/phil/writing/2012/09/26/django-s3-temporary.php

like image 134
error2007s Avatar answered Nov 11 '22 17:11

error2007s