I want to make a Video On Demand service using AWS S3 , and I would like to restrict each of my clients to his own bucket/folder (which one schema is best..) . I want a client to have access only to his bucket/folder, but these people are not going to have an AWS account.
I read ,and still reading, about IAM users,roles and policies but I have not found something pointing to what I want to achieve.
If you know the IP address (or CIDR blocks) of each client, you can then restrict your bucket with a policy.
http://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html
Alternatively, you could just set up IAM accounts for them within your own account, and scope their access accordingly. That would let them use a very limited form of the AWS Console. You can even write your IAM policies so that users automatically have access to something like:
s3://your-bucket/%username%/
이 기사는 인터넷에서 수집됩니다. 재 인쇄 할 때 출처를 알려주십시오.
침해가 발생한 경우 연락 주시기 바랍니다[email protected] 삭제
몇 마디 만하겠습니다