Details
-
Type:
Task
-
Status: Closed (View Workflow)
-
Priority:
Major
-
Resolution: Done
-
Affects Version/s: None
-
Fix Version/s: None
-
Labels:
-
Story Points:1
-
Epic Link:
-
Sprint:Fall 3: Oct 12 - Oct 23, Fall 4 Oct 26 - Nov 6, Fall 5 Nov 9 - Nov 20, Fall 6 Nov 30 - Dec 11, Fall 7 Dec 14 - Dec 23
Description
We would like to increase our use of S3 buckets to provide data to IGB client application via HTTP.
However, some people might be tempted to download the entire contents of a bucket using this same mechanism, which would be costly.
Let's investigate: Is there a way that we could restrict HTTP requests to IGB only for an S3 bucket?
For example, could we create some kind of filtering function or setting that would "greenlight" requests that meet some criteria, such as: the application making the request is IGB.
[~aloraine] As much I remember while doing the weblog ticket, IGB sends a different useragent then rest of the browser. I think it will be possible to restrict it using IAM policy where we give the condition to match a string sent by IGB.