views:

41

answers:

1

Once you stored contents in S3 and make it public, then everyone have access to it. Is there a way to let only authorized users have access to the content stored in S3? For example, I have a site that let people store their documents. The server stores these documents in S3 and I would like only the user who uploaded the document to have access to it.

I know I can copy the S3 contents to my server and let only authorized users have access, but this will make the server slow. I would like to be able server the contents directly to the client's browser from the S3.

Thanks.

+2  A: 

You want to read the section called 'Query String Request Authentication Alternative' found here http://docs.amazonwebservices.com/AmazonS3/2006-03-01/index.html?RESTAuthentication.html

It explains how to create a time-based expiring link to an S3 object

You would then have to write the code that manages the users (the who owns which object part of your question).

Joshua Smith