How to restrict access to the Amazon S3 API?

Question

How to restrict access to the Amazon S3 API?

Is there a way to create a different credential for accessing the key / secret key for accessing Amazon S3 buckets through the REST API where I can restrict access (read only)?

+7

amazon-s3

David whatley Dec 6 '09 at 23:21

source share

3 answers

The recommended way is to use IAM to create a new user, then apply the policy to that user.

+8

Skyler johnson Jul 21 '11 at 17:41

source share

Check out the details at http://docs.amazonwebservices.com/AmazonS3/2006-03-01/dev/index.html?UsingAuthAccess.html (follow the link "Using query string authentication") - this is a subdocument to one Greg Added and describes how to create on-the-fly access URLs.

This uses a hashed private key form and allows expiration, so you can provide quick access to files in a bucket without allowing unlimited access to the rest of the S3 repository.

Building a REST URL is pretty complicated, it took me about 3 hours of coding to get everything right, but it's a very efficient access technology.

+1

Dick chesterwood Jul 18 '11 at 15:24

source share

Greg hewgill · Accepted Answer · 2009-12-07T00:13:16+0000

Yes, you can. The S3 API documentation describes the Authentication and Access Control services available to you. You can set up the bucket so that another Amazon S3 account can read, but not modify items in the bucket.

How to restrict access to the Amazon S3 API?

More articles: