- 最新
- 最多得票
- 最多評論
Accessing an S3 URL directly, as in typing it in your browser's URL bar, will only ever work if the URL is signed, or if the S3 object is public (which you don't want in this case).
What you want I think, is to build a web application where you have JavaScript that (1) first uses the identity pool to get temporary AWS credentials using your Cognito User's credential (i.e. ID token) and then (2) uses the temporary AWS credentials to construct a signed URL. Then finally (3) use that signed url in the image element: <img src="...signed url..." />
.
Here is some sample code from one of my apps, to give you an idea how to generate a signed URL. This uses the Amplify JS library that abstracts (1) away for you (this of cource only works if you use Amplify Auth in your JS app):
import { Auth } from "@aws-amplify/auth"; import { S3Client, GetObjectCommand } from "@aws-sdk/client-s3"; const S3 = new S3Client({ credentialDefaultProvider: () => Auth.currentCredentials, region: process.env.REACT_APP_AWS_REGION, }); const command = new GetObjectCommand({ Bucket: process.env.REACT_APP_S3_BUCKET, Key: "<your key>", }); const signedUrl = getSignedUrl(S3, command, { expiresIn: 3600 });
相關內容
- AWS 官方已更新 1 年前
- AWS 官方已更新 1 年前
- AWS 官方已更新 1 年前
- AWS 官方已更新 2 年前