问题描述
S3如何防盗链?我设置了规则,但是上传上去的文件还是所有人可见,还得手工去掉所有人可见?
解决方案
解决方案二:
你可以试试下面的桶策略readonly目录全员可读refereronly限制referer的域名{"Version":"2012-10-17","Statement":[{"Sid":"everyonecanreadfile","Effect":"Allow","Principal":"*","Action":"s3:GetObject","Resource":"arn:aws:s3:::testpolicy/readonly/*"},{"Sid":"Allowgetrequestsreferredbywww.example.comandexample.com","Effect":"Allow","Principal":"*","Action":"s3:GetObject","Resource":"arn:aws:s3:::testpolicy/refereronly/*","Condition":{"StringLike":{"aws:Referer":["http://www.example.com/*","http://example.com/*"]}}}]}
参考:https://docs.aws.amazon.com/zh_cn/AmazonS3/latest/dev/example-bucket-policies.html
时间: 2024-10-01 21:39:45