根据用户 IP 为 Amazon Cloudfront 内容生成唯一 URL
我在 Amazon cloudfront 中有内容。这些内容是私人的,但用户在购买时将获得访问权限,以便在有限的时间内访问这些内容。
我希望为特定用户 IP 生成提供给用户的 URL,或者可能是当前会话密钥。我知道可以为私有对象生成经过身份验证的 URL,该对象将在特定时间段内过期。这样做的问题是,只要 URL 没有过期,用户就可以从不同的机器访问内容,而这并不是用户必须具备此能力的要求。
I have contents in Amazon cloudfront. These contents are private but will be given access to users when they purchase to get access to the contents for limited period of time.
I want the URLs given to the users be generated for that specific user IP or may be current session key. I am aware of the option of generating an authenticated URL to a private object that will expire in a certain time period. The problem with that is as long as the URL is not expired users can access the content from different machines which is not a requirement for users to have this capability.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您提到的过期 URL 是使用 CloudFront 的签名 URL 和“固定”策略创建的(请参阅 为 Amazon CloudFront 创建签名 URL)
如果您还想根据请求者的 IP 地址进行限制,则需要使用自定义策略,该策略允许您指定日期范围和 IP 地址(或范围)。
请参阅 http://docs.amazonwebservices.com/AmazonCloudFront /latest/DeveloperGuide/index.html?RestrictingAccessPrivateContent.html#CustomPolicy 了解具体信息。
享受!
The expiring URLs you mentioned are made using CloudFront's signed URLs with a "canned" policy (see Creating Signed URLs for Amazon CloudFront for examples)
If you also want to limit based on the requester's IP address, you need to use a custom policy which allows you to specify a date range and an IP address (or range).
See http://docs.amazonwebservices.com/AmazonCloudFront/latest/DeveloperGuide/index.html?RestrictingAccessPrivateContent.html#CustomPolicy for specifics.
Enjoy!