Home > front end >  Recommend permission configuration for static files (CSS, JS) being hosted on S3
Recommend permission configuration for static files (CSS, JS) being hosted on S3

Time:07-22

I have some static files hosted in S3 that I want to use on my website that is hosted through Elastic Beanstalk. Now, I'm trying to understand what would be the most secure permissions to set for my S3 bucket. I need the files to be public/accessible enough to all my website to use the CSS/JS files stored in the bucket, but I don't want it to be accessible for any other reason.

enter image description here

Above is a screenshot of the permission settings available. Should I leave them all unchecked in order to be able to use the CSS/JS files?

CodePudding user response:

First you have to put appropriate bucket policy which limits access to only the few specific objects of yours. You can further limit access to only your website using referrer condition. This is not a bullet proof solution for hot linking, but better then nothing.

Once you do this, you can enable first three options in public access block,. The forth option must be disabled.

But the best way is to use CloudFront with S3 for best results. This allows you to keep your bucket private, and just server your files through CloudFront.

Page link:https//www.codepudding.com/frontend/484553.html

Prev:Images not loading properly after Next.js building and yarn start
Next:playwright python how to get specific texts follwing sibling inner text value
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding