Lets say I have a social media app like Instagram. Do I have to get a signed URL for every single image? Each user sees like 100 images, does that mean that it has to get 100 singed URLs for each user?
CodePudding user response:
To make an entire Amazon S3 bucket "public" (or a path within the bucket), use a bucket policy.
From Bucket policy examples - Amazon Simple Storage Service:
The following example policy grants the
s3:GetObject
permission to any public anonymous users. This permission allows anyone to read the object data, which is useful for when you configure your bucket as a website and want everyone to be able to read objects in the bucket.
{
"Version":"2012-10-17",
"Statement":[
{
"Sid":"PublicRead",
"Effect":"Allow",
"Principal": "*",
"Action":["s3:GetObject","s3:GetObjectVersion"],
"Resource":["arn:aws:s3:::DOC-EXAMPLE-BUCKET/*"]
}
]
}
Before you use a bucket policy to grant read-only permission to an anonymous user, you must disable Block Public Access settings for your bucket.