Can I automatically share files from Object Storage publicly?
Yes this is possible with the S3 API, you can find the steps on how to set this up below.
How do I automatically share files from Object Storage publicly?
- Setup your S3 tool. The easiest way is to use aws cli. Please make sure to have it installed and configured properly.
- Create a file public-sharing-policy.json with the following content:
{
“Id”: “your-fancy-name”,
“Version”: “2012-10-17”,
“Statement”: [
{
“Action”: [
“s3:GetObject”
],
“Effect”: “Allow”,
“Resource”: [
“arn:aws:s3:::foldername/file”
],
“Principal”: “*”
}
]
} - Next you need to enable public Sharing for a folder an all its sub items. To do this Create a file public-sharing-policy.json with following content:
{
"Id": "your-fancy-name",
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::foldername/*"
],
"Principal": "*"
}
]
} - Please be aware that the S3 Object Storage doesn’t support file listing in browser. The s3TenantId can be retrieved via the Contabo API.
The only difference is that you use “*”as a wildcard / placeholder for the file name. Of course you can have constructs like “arn:aws:s3:::foldername1/foldername2/*”.
How do I disable public sharing via the S3 API?
To disable the Public Sharing for a file or folder you need first to get the current policy via:
aws --profile eu2 --endpoint-url https://eu2.contabostorage.com s3api get-bucket-policy --bucket foo
Then remove the parts you would like to remove and do the put-bucket-policy again with the modified file. If it is the last entry in there you could also delete it completely via:
aws --profile eu2 --endpoint-url https://eu2.contabostorage.com s3api delete-bucket-policy --bucket fooBut be cautious as this will delete all policies on that bucket.