smgcknt-tech
commented
3 years ago Measures under consideration
- Generates pre-signed URL with expiration to allow user to upload object.
Closed smgcknt-tech closed 3 years ago
smgcknt-tech
commented
3 years ago smgcknt-tech
commented
3 years ago https://medium.com/@aidan.hallett/securing-aws-s3-uploads-using-presigned-urls-aa821c13ae8d
https://aws.amazon.com/blogs/developer/generate-presigned-url-modular-aws-sdk-javascript/
https://future-architect.github.io/articles/20201118/
https://suzutomo.dev/Cloud/Storage/S3PreSignedURLWithCloudFront/1.PreSignedURL.html
https://www.wafcharm.com/blog/s3-security-pitfalls/
https://furutimes.com/s3-blockpublicaccess/
As is
To allow user to upload image from traweather app, public access is not blocked for traweather-bucket and using object URL to display image on browser
To be
It is desirable for user to be able to upload image with public access off.