Closed samuelvinay91 closed 3 years ago
Glad to hear that.
Do you want grant access bei AWS IAM or another auth provider?
My current setup is like to have a index.htm file which would be yours and top of it I will be having a simple Basic HTTP auth driven from Lambda function.
But as per your solution, our bucket should be public to get Listobject result.But in my case its a non public.
Is there any possibility to have this BucketURL with authentication (E..g, AWS S3 SDK) and fetch the Listobject
On Thu, Jul 15, 2021, 1:40 PM Bengt Brodersen @.***> wrote:
Glad to hear that.
Do you want grant access bei AWS IAM or another auth provider?
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/qoomon/aws-s3-bucket-browser/issues/18#issuecomment-880490165, or unsubscribe https://github.com/notifications/unsubscribe-auth/AET4MGKVYBPS4FV3AHA26DLTX2JV3ANCNFSM5AL2OWTQ .
If you'll use basic auth proxy, you should be able to use something like http://username:password@your.bucket.url/
How can do the same with accessId & secret key?
On Thu, Jul 15, 2021, 1:59 PM Bengt Brodersen @.***> wrote:
If you'll use basic auth proxy, you should be able to use something like @.***/
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/qoomon/aws-s3-bucket-browser/issues/18#issuecomment-880503736, or unsubscribe https://github.com/notifications/unsubscribe-auth/AET4MGJT2MU4AYDXWDEDIGTTX2L57ANCNFSM5AL2OWTQ .
Adding the above, would it be a safe practice to expose creds from html file?Kindly help me with best approach
On Thu, Jul 15, 2021, 2:03 PM Vinay Kumar @.***> wrote:
How can do the same with accessId & secret key?
On Thu, Jul 15, 2021, 1:59 PM Bengt Brodersen @.***> wrote:
If you'll use basic auth proxy, you should be able to use something like @.***/
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/qoomon/aws-s3-bucket-browser/issues/18#issuecomment-880503736, or unsubscribe https://github.com/notifications/unsubscribe-auth/AET4MGJT2MU4AYDXWDEDIGTTX2L57ANCNFSM5AL2OWTQ .
If you like to do it with accessId & secret key you probably need add some login logic to this index.html
Every PR is welcome. There should be an option enable login via accessId & secret key.
My approach would be the following.
maybe this this helpful https://medium.com/@aidan.hallett/securing-aws-s3-uploads-using-presigned-urls-aa821c13ae8d
I am actually thinking of handling this through API Gateway for S3 and I want to see that this API endpoint should work in VPC
What's your input on this ?
I think that's fine.
@SamuelVinay91 Have you achieved showing contents in static-website from private bucket ? If yes any inputs from you how can I proceed ?
Use Case: I have Implemented s3-static-website + cloud-front with labda@Edge + aws congnito. cloud-front url is authenticated with cognito to show the static-website.
Even though we have enable authentication at browser level for static website, files can be accessed programmatically from anywhere.
Could you please suggest a way how we can restrict the same ?
I would like to thank for your amazing tool and I found it very useful.I request your inputs on how can we implement this for private buckets?