更新时间:2023-11-27 08:49:16
有两种使用Amazon S3的基本方法:
There are two basic ways to use Amazon S3:
在第一种情况下,只有您的应用程序有权访问S3中存储的数据/文件.它必须检索内容并将其提供给用户.这是Web服务器的传统方法.
In the first case, only your application has access to the data/files stored in S3. It must retrieve the content and serve it to users. This is a traditional approach for web servers.
在第二种情况下,您可以生成HTML页面,这些页面包含对存储在S3中的文件的引用.例如,如果图像出现在网页中,则src=
参数将指向Amazon S3 URL.然后,无需通过Web服务器即可从S3提供文件.
In the second case, you can generate HTML pages that contain references to files stored in S3. For example, if an image appears within a web page, the src=
parameter would point to an Amazon S3 URL. The file is then served from S3 without going via your web server.
这可以通过使用预签名URL进行增强,这些URL是有时间限制的URL,可以访问存储在Amazon S3中的私有内容.它是这样的:
This can be enhanced by using Pre-Signed URLs, which are time-limited URLs that provide access to private content stored in Amazon S3. It works like this:
一个预签名URL包含:
A Pre-Signed URL consists of:
仅需几行代码即可创建预签名URL,无需调用AWS API.
The Pre-Signed URL can be created in just a couple of lines of code and does not require a call to the AWS API.
底线:将所有图像设为不公开.您的应用程序确认每个用户有权即时访问图像,然后生成URL来授予有时间限制的访问.
Bottom line: Keep all images private. Your application confirms each user's right to access the images on-the-fly, then generates URLs to grant time-limited access.