是否有任何方法可以基于客户端IP地址限制对存储在Amazon S3中的文件的访问?
Is there any way to limit the access of a file stored in Amazon S3 based on the client IP address?
我有一个文件存储在该文件中,只能通过特定的IP地址访问该文件.该怎么做?
I have a file stored there, which should be access only by specific IP address. How to do this?
推荐答案是的,尽管我自己没有使用过.
Yes there is, although I have not used this myself.
S3支持使用访问策略语言"对存储桶和其中的对象进行精细控制.有特定的白名单和黑名单IP语句可用.但是,您将必须编写APL语句并上载它们.
S3 supports granular control over buckets and objects in them using "Access Policy Language". There is specific whitelist and blacklist IP statements available. You will have to write the APL statements and upload them, however.
docs.amazonwebservices/AmazonS3/latest/dev/AccessPolicyLanguage.html
这是2个条件部分的示例:
Here are 2 condition section examples:
白名单
"Condition" : { "IpAddress" : { "aws:SourceIp" : ["192.168.176.0/24","192.168.143.0/24"] } }黑名单
"Condition" : { "NotIpAddress" : { "aws:SourceIp" : ["192.168.176.0/24","192.168.143.0/24"] } }更多推荐
基于IP地址的Amazon S3文件访问策略
发布评论