Thank you very much! I was struggling with these questions in practice exams but this helped clarify it as I haven't ever implemented a solution that uses these.
@Pythoholic Hi Sir, I have 2 basic questions. 1.Cloudfront signed urls allows user to access the content of the file with help of edge location whereas S3 pre signed URL cannot access our bucket..only the lambda functions does that? 2.U mentioned that if we have bulk files like 50k..on downloading 30k th file, if expiration occurs, we ll not be able to download..this example u mentioned for signed cookies right?If yes, then how can we prevent that?
Signed URLs are not inherently public, but they can be shared with anyone who has the URL, making them accessible to anyone who possesses the link. They are typically used to grant temporary access to a private resource, such as a file in a cloud storage bucket. Using signed cookies can be considered safer than signed URLs in some scenarios because signed cookies can restrict access to multiple resources (e.g., all files in a directory) and can be tied to a specific user session. This means that even if someone were to obtain the signed cookie, they would still need to be within the valid session to access the resources. Additionally, signed cookies do not expose the resource URL, adding an extra layer of security. However, the choice between signed URLs and signed cookies depends on the specific use case and the security requirements of your application.
comment : wish there was a example in the console, and how to check if the signed url is valid / invald, what is the response if invalid, does it work for api's that on cloudfront cdn
Hi, this is great information. Would you mind doing a demo of this - or pointing me to one if you already have it. Not sure how to connect the signed cookies and my website
Just a noob question. Do signed cookies only created on pictures, videos and documents? Can we have signed cookie on all files on an Angular application?
Yes you can. I think as long as we map the same structure of creating using headers. It can be used for any urls with a scope, that you are protecting the assets that you have. Because remember that using this the assets are protected against direct url access.
Let me know the use case i can let you know better. Mostly if u use signed urls . The JS and css files along with that gets covered. So if there is anything specific then please let me know.
Great video sir! I have a question. I'm using CloudFront for my project and I need to allow users (from all around the world) to upload files without latency. I can't figure out how can I allow users to upload files through CloudFront. Can you help me please?
With cloud front while creating a cloud front distribution you can specify if you can provide access with HTTP or HTTPS (GET) to read the content, and there are PUT and POST to help user upload files from the URL that you specify, i guess you might be using Lambda to process it, So you can try changing your cloud front configuration to use PUT and POST. Let me know if that helps.
Thank you for your fast answer. I found out how to upload/download files directly to S3 Bucket via pre-signed URLs but I can't find any example code for uploading files through CloudFront via signed URLs.
open the cloudfront in the console and open the open your cloudfront then you can see Restrictions -> click Restrictions -> geo Restrictions - select the GEO Restrictions and edit then you can select the Enable Geo-Restriction = yes then Whitelist then add the country which country people need to access your S3 bucket
I guess that might be the other way around. Every time we use s3 to upload files using cloudfront ie at the edge locations it means we are creating the distributions it should work the same without any restriction
Thank you very much! I was struggling with these questions in practice exams but this helped clarify it as I haven't ever implemented a solution that uses these.
A lot of work into this explanation, thanks for your time, really helped me.
Very good explanation. Kindly add some practicals to understand better.
@Pythoholic Hi Sir, I have 2 basic questions.
1.Cloudfront signed urls allows user to access the content of the file with help of edge location whereas S3 pre signed URL cannot access our bucket..only the lambda functions does that?
2.U mentioned that if we have bulk files like 50k..on downloading 30k th file, if expiration occurs, we ll not be able to download..this example u mentioned for signed cookies right?If yes, then how can we prevent that?
Explaination starts at minute 6:30
Is there some video where you show a practical tutorial for this? :) Would be really cool!
I will try and add one. Thanks for the feedback
@pythoholic - Are signed URLs public? Is using signed cookies safer than signed URLs?
Signed URLs are not inherently public, but they can be shared with anyone who has the URL, making them accessible to anyone who possesses the link. They are typically used to grant temporary access to a private resource, such as a file in a cloud storage bucket.
Using signed cookies can be considered safer than signed URLs in some scenarios because signed cookies can restrict access to multiple resources (e.g., all files in a directory) and can be tied to a specific user session. This means that even if someone were to obtain the signed cookie, they would still need to be within the valid session to access the resources. Additionally, signed cookies do not expose the resource URL, adding an extra layer of security.
However, the choice between signed URLs and signed cookies depends on the specific use case and the security requirements of your application.
comment : wish there was a example in the console, and how to check if the signed url is valid / invald, what is the response if invalid, does it work for api's that on cloudfront cdn
Noted. Thanks for the feedback.
Hi This is something I am looking for. Can you please share the content if possible so that we can read out during our practices.
Hi, this is great information. Would you mind doing a demo of this - or pointing me to one if you already have it. Not sure how to connect the signed cookies and my website
No i have one for cloud front distributions, you can check that out.
Upar se gya sir sb
Hmm... try karte hai isko aur simply karne ki.
@@Pythoholic no it is fine i think i have to read it first before watching,
@@Pythoholic sir why don't you create telegram group to share contents for reading, or for discussion.
Just a noob question. Do signed cookies only created on pictures, videos and documents? Can we have signed cookie on all files on an Angular application?
Yes you can. I think as long as we map the same structure of creating using headers. It can be used for any urls with a scope, that you are protecting the assets that you have.
Because remember that using this the assets are protected against direct url access.
@@Pythoholic I mean even the main.js, polyfill.js, render.js that needed to run the application?
Let me know the use case i can let you know better. Mostly if u use signed urls . The JS and css files along with that gets covered. So if there is anything specific then please let me know.
Great video sir! I have a question. I'm using CloudFront for my project and I need to allow users (from all around the world) to upload files without latency. I can't figure out how can I allow users to upload files through CloudFront. Can you help me please?
With cloud front while creating a cloud front distribution you can specify if you can provide access with HTTP or HTTPS (GET) to read the content, and there are PUT and POST to help user upload files from the URL that you specify, i guess you might be using Lambda to process it, So you can try changing your cloud front configuration to use PUT and POST. Let me know if that helps.
Thank you for your fast answer. I found out how to upload/download files directly to S3 Bucket via pre-signed URLs but I can't find any example code for uploading files through CloudFront via signed URLs.
Ok let me check and get back.
open the cloudfront in the console and open the open your cloudfront then you can see Restrictions -> click
Restrictions -> geo Restrictions - select the GEO Restrictions and edit then you can select the Enable Geo-Restriction = yes then Whitelist then add the country which country people need to access your S3 bucket
I guess that might be the other way around.
Every time we use s3 to upload files using cloudfront ie at the edge locations it means we are creating the distributions it should work the same without any restriction
Good again. Can you please add examples like Premium user for signed Cookies. More practical usecase. 09:10. 15:20
it will be covered in the DVA-C01 course
coming yp
@@Pythoholic Waiting for DVA courses.