This example shows how to serve private contents on AWS S3 through CloudFront signed URL.

AWS CloudFront with Signed URL

This is the repository of my blog post.

This example shows how to serve private contents on AWS S3 through CloudFront signed URL. We will be using aws-sdk-go as the programming client.

Prerequisite

  • A S3 bucket.
  • A CloudFront distribution.
    • Should be created using the S3 owner because S3 bucket policies don’t apply to objects owned by other accounts.
  • The CloudFront bucket access restriction is enabled.
  • A CloudFront origin access identity is created and added to your S3 permission policy.
  • The CloudFront viewer access restriction is enabled and associated with your key group.
  • The public access of your S3 is blocked (default).

Usage

S3_REGION=us-east-2 \
S3_ACCESS_KEY=my-s3-access-key \
S3_SECRET_KEY=my-s3-secret-key \
S3_BUCKET=my-s3-bucket \
CF_DOMAIN=mycfdomain.cloudfront.net \
CF_PUBLIC_KEY_ID=my-cloudfront-access-key \
CF_PRIKEY_PATH=my-cloudfront-prikey-path \
go run main.go

Result

hello.txt will be uploaded to S3 bucket my-s3-bucket with key mysubpath/hello.txt. Its CloudFront URL https://mycfdomain.cloudfront.net/mysubpath/hello.txt will be signed, and the signed URL will be printed in the standard output. Users can access the object via this signed URL until it expires 1 hour later.

Owner
Hao-Ming, Hsu
Keep it smart and simple.
Hao-Ming, Hsu
https://github.com/minghsu0107/cloudFront-signed-url https://minghsu0107.github.io/posts/aws-cloudfront-with-signed-url/
Similar Resources

This repository shows how can we use `AWS Lambda` to build serverless applications in golang.

Serverless Api in Go with AWS Lambda Here we are going to use AWS Lambda to build serverless applications in golang. Prerequisites You’ll need an AWS

Nov 3, 2021

Aws-cdk-go-examples - Example projects using the AWS CDK by Golang

aws-cdk-go-examples Example projects using the AWS CDK by Golang Useful commands

Nov 24, 2022

The example shows how to build a simple multi-tier web application using Kubernetes and Docker

The example shows how to build a simple multi-tier web application using Kubernetes and Docker

Guestbook Example This example shows how to build a simple multi-tier web application using Kubernetes and Docker. The application consists of a web f

Nov 15, 2021

Cpu-profiling - Basic example of CPU Profiling in Golang which shows the bottlenecks and how much time is spent per function

cpu-profiling Basic example of CPU Profiling in Golang which shows the bottlenec

Aug 2, 2022

Webserver I built to serve Infura endpoints. Deployable via k8s and AWS EKS. Load testable via k6 tooling, and montiorable via prometheus and grafana

Infura Web Server Welcome to my verion of the take home project. I've created a webserver written in go to serve Infura api data over 3 possible data

Nov 15, 2022

rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.

rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.

rpCheckup - Catch AWS resource policy backdoors like Endgame rpCheckup is an AWS resource policy security checkup tool that identifies public, externa

Dec 26, 2022

This library aims to make it easier to interact with Ethereum through de Go programming language by adding a layer of abstraction through a new client on top of the go-ethereum library.

Simple ethereum client Simple ethereum client aims to make it easier for the developers to interact with Ethereum through a new layer of abstraction t

May 1, 2022

🚩 TOC, zero configuration table of content generator for Markdown files, create table of contents from any Markdown file with ease.

🚩 TOC, zero configuration table of content generator for Markdown files, create table of contents from any Markdown file with ease.

toc toc TOC, table of content generator for Markdown files Table of Contents Table of Contents Usage Installation Packages Arch Linux Homebrew Docker

Dec 29, 2022

Read a tar file contents using go1.16 io/fs abstraction

Read a tar file contents using go1.16 io/fs abstraction

go-tarfs Read a tar file contents using go1.16 io/fs abstraction Usage ⚠️ go-tarfs needs go=1.16 Install: go get github.com/nlepage/go-tarfs Use: pac

Dec 1, 2022

Synchronise a directory's contents with a git repository.

git-volume-reloader Synchronise a directory's contents with a git repository. Synchronisation is triggered by a webhook sent by the git service provid

Sep 16, 2022

CLI filters the contents of the csv file according to the filters from the another file.

filtercsv CLI filters the contents of the csv file according to the filters from the another file. Made to process big files by a lots of filters. By

Dec 2, 2021

You-Get is a tiny command-line utility to download media contents (videos, audios, images) from the Web,

You-Get is a tiny command-line utility to download media contents (videos, audios, images) from the Web,

You-Get NOTICE: Read this if you are looking for the conventional "Issues" tab. You-Get is a tiny command-line utility to download media contents (vid

Jan 2, 2023

A small command line tool for testing grok patterns on file contents.

grogg A small command line tool for testing grok patterns on file contents. It uses the vjeantet/grok library for parsing and pterm for some extra glo

Feb 5, 2022

Undock - Extract contents of a container image in a local folder

Undock - Extract contents of a container image in a local folder

About Undock is a CLI application that allows you to extract contents of a conta

Jan 4, 2023

:steam_locomotive: Decodes url.Values into Go value(s) and Encodes Go value(s) into url.Values. Dual Array and Full map support.

Package form Package form Decodes url.Values into Go value(s) and Encodes Go value(s) into url.Values. It has the following features: Supports map of

Dec 26, 2022

High-Performance Shortlink ( Short URL ) app creator in Golang. For privacy reasons, you may prefer to host your own short URL app and this is the one to use.

High-Performance Shortlink ( Short URL ) app creator in Golang. For privacy reasons, you may prefer to host your own short URL app and this is the one to use.

About The Project Shortlink App in Golang Multiple Node based Architecture to create and scale at ease Highly performant key-value storage system Cent

Jan 3, 2023

Go-based search engine URL collector , support Google, Bing, can be based on Google syntax batch collection URL

Go-based search engine URL collector , support Google, Bing, can be based on Google syntax batch collection URL

Go-based search engine URL collector , support Google, Bing, can be based on Google syntax batch collection URL

Nov 9, 2022

A productivity tools to diagnose list of exported URL status from Google Search Console, Analytics, Sitemap URL...etc.

google-url-checker A productivity tools to diagnose list of exported URL status from Google Search Console, Analytics, Sitemap URL...etc. A quick way

Dec 31, 2021

Putty-url-scheme - Open PuTTY as a url scheme

PuTTY URL Scheme Helper Open PuTTY as a url scheme Install download release bina

Apr 25, 2022
Related tags
Cloud Computing golang s3-bucket signed-url cloudfront
Run the same Docker images in AWS Lambda and AWS ECS
 Run the same Docker images in AWS Lambda and AWS ECS

serverlessish tl;dr Run the exact same image for websites in Lambda as you do in ECS, Kubernetes, etc. Just add this to your Dockerfile, listen on por

Dec 22, 2022
Unofficial Terraform Provider for Zscaler Private Access

Terraform Provider for ☁️ Zscaler Private Access ☁️ ⚠️ Attention: This provider is not affiliated with, nor supported by Zscaler in any way. Website:

Dec 14, 2022
AWS SDK for the Go programming language.

AWS SDK for Go aws-sdk-go is the official AWS SDK for the Go programming language. Checkout our release notes for information about the latest bug fix

Jan 1, 2023
Browse your AWS ECS Clusters in the Terminal
 Browse your AWS ECS Clusters in the Terminal

Browse your AWS ECS Clusters in the Terminal. The ecsview application is a terminal-based UI for browsing Amazon Elastic Container Service (ECS) clust

Dec 14, 2022
Generate a basic IAM policy from AWS client-side monitoring (CSM)
 Generate a basic IAM policy from AWS client-side monitoring (CSM)

iamlive Generate a basic IAM policy from AWS client-side monitoring (CSM) Installation Pre-built binaries Pre-built binaries for Windows, macOS and Li

Jan 8, 2023
AWS plugin for Steampipe
 AWS plugin for Steampipe

Use SQL to query IAM users, EC2 instances and more from your AWS account.

Dec 29, 2022
Serve container tar.gz contents for docker

Serve container tar.gz contents for docker

Oct 20, 2022
AWS Lambda to work around index.html S3/CloudFront mess

No more index.html mess with AWS CloudFront/S3 Problem Consider you have a statically generated site — a bunch of usual resources, including html file

Jan 2, 2023
AWS Cloudfront Real-Time Logging Stack

aws-cf-rtl AWS Cloudfront Real-Time Logging Why? AWS Cloudfront easily stashes JSON formatted weblogs to S3 buckets (standard logging). However, proce

Jan 18, 2022
Go package providing opinionated tools and methods for working with the `aws-sdk-go/service/cloudfront` package.

go-aws-cloudfront Go package providing opinionated tools and methods for working with the aws-sdk-go/service/cloudfront package. Documentation Tools $

Feb 2, 2022