Deep dive into AWS for developers | Part4 — S3

  • No uppercase letters. The name must start with a lowercase letter or a number.
  • No underscores.
  • Length must be between 3 and 63 characters.
  • The bucket name cannot be an IP address.
  • User-based security policy: IAM policies attached to our IAM user dictate whether that user has access to the S3 bucket.
  • Resource-based security policy: We can set bucket-wide rules from the S3 console. They let us control which principals can execute which actions on the S3 bucket, and they also allow cross-account actions on our S3 buckets. Apart from these, we can also have an “Object access control list” and a “Bucket access control list”.
  • Same origin: For example, the browser makes a request from website-1 (http://www.example.com/app1) to another link on the same origin (http://www.example.com/app2).
  • Different origins: For example, the browser makes a request from website-1 (http://www.example.com) to a link on a different origin (http://www.other.example.com).
  • Say the web browser makes a request to the main origin (https://www.example.com), which in turn needs to access another origin (https://www.other.com).
  • Next, the web browser makes a pre-flight request, in which it asks the cross-origin whether access is allowed from the main origin (www.example.com).
  • The cross-origin responds, in its CORS headers, with whether the origin is allowed (“Access-Control-Allow-Origin”) and which methods are allowed (“Access-Control-Allow-Methods”). This is what the cross-origin permits the browser to do.
  • Next, the browser issues the request to the cross-origin URL.
  • Say we have an S3 bucket that is enabled as a static website. We hit the static site hosted on this S3 bucket, and the website returns the ‘index.html’ file.
  • Next, say this ‘index.html’ file tells the browser to get a different file from the same origin (the same S3 bucket). Since the other file is also present on the same origin (i.e. the same S3 bucket), the file can be accessed.
  • Say we have an S3 bucket that is enabled as a static website. We hit the static site hosted on this S3 bucket, and the website returns the ‘index.html’ file.
  • Next, say this ‘index.html’ file tells the browser to get a different file from a different origin (i.e. a different S3 bucket). If the other bucket is configured with the right CORS headers, the web browser is able to make the request. If not, the browser is not able to request the files present in the other S3 bucket.
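
The pre-flight exchange and the two-bucket scenario above, as an added example that is not code from the original article: a simplified model (not S3's own implementation) of how a bucket's CORS rules decide the pre-flight answer. The rule keys follow the S3 CORS JSON format; the function names, origins and rule values are assumptions constructed for illustration, and a scoped rule is shown beside an overly broad wildcard rule.

```python
# Simplified model of answering a CORS preflight from bucket CORS rules.
# Rule keys follow the S3 CORS JSON format; origins and values are constructed.

def _match(pattern, value):
    """Match an origin/header pattern that may contain one '*' wildcard."""
    if "*" not in pattern:
        return pattern == value
    prefix, suffix = pattern.split("*", 1)
    return (len(value) >= len(prefix) + len(suffix)
            and value.startswith(prefix) and value.endswith(suffix))

def preflight(rules, origin, method, req_headers=()):
    """Return the CORS response headers for a preflight, or None if denied.

    The first rule that matches origin, method and all requested headers wins.
    """
    for rule in rules:
        if not any(_match(p, origin) for p in rule["AllowedOrigins"]):
            continue
        if method not in rule["AllowedMethods"]:
            continue
        allowed = [h.lower() for h in rule.get("AllowedHeaders", [])]
        if not all(any(_match(p, h.lower()) for p in allowed) for h in req_headers):
            continue
        return {
            "Access-Control-Allow-Origin": origin,
            "Access-Control-Allow-Methods": ", ".join(rule["AllowedMethods"]),
        }
    return None  # no CORS headers: the browser blocks the cross-origin request

# Scoped rule on the second bucket: only the website's origin may read from it.
SCOPED = [{
    "AllowedOrigins": ["https://www.example.com"],
    "AllowedMethods": ["GET", "HEAD"],
    "AllowedHeaders": ["Authorization"],
}]

# Overly broad rule: any origin may read, overwrite and delete objects.
WILDCARD = [{
    "AllowedOrigins": ["*"],
    "AllowedMethods": ["GET", "PUT", "DELETE"],
    "AllowedHeaders": ["*"],
}]

if __name__ == "__main__":
    print(preflight(SCOPED, "https://www.example.com", "GET"))
    print(preflight(SCOPED, "https://www.other.com", "GET"))
    print(preflight(WILDCARD, "https://www.other.com", "PUT"))
```

With the scoped rule, a page served from any origin other than https://www.example.com gets no CORS headers back, so the browser refuses the cross-bucket fetch; the wildcard rule answers every origin, which is the setting to look for when reviewing a bucket's CORS configuration.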

Software Engineer for Big Data distributed systems

aditya goel
