如何使我的iOS应用程序安全地使用AWS S3

时间:2015-11-21 19:57:01

标签: ios swift amazon-web-services amazon-s3 amazon-cognito

我真的需要帮助,因为我整天都在战斗,没有结果。我在AWS S3上有文件,我想通过url获取。我有iOS应用程序,它读取这些文件,一切正常。 但我不会保护我的文件,所以增加安全性,之后我遇到了很多麻烦。 那么,我做了什么:

我添加了存储桶策略:

{
    "Version": "2012-10-17",
    "Id": "Policy1448129771756",
    "Statement": [
        {
            "Sid": "Stmt1448129767926",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::646483417075:role/Cognito_MyAppAuth_Role"
            },
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::my.files.info/*"
        }
    ]
}

我创建了Cognito Identity Pool,它为我生成代码:

然后初始化凭证提供程序:

// Initialize the Amazon Cognito credentials provider  

AWSCognitoCredentialsProvider *credentialsProvider = [[AWSCognitoCredentialsProvider alloc]
initWithRegionType:AWSRegionUSEast1
identityPoolId:@"us-east-1:6f261e92-dca3-xxxxx-xxxxxxx-xxxxxxxxx"];

AWSServiceConfiguration *configuration = [[AWSServiceConfiguration alloc] initWithRegion:AWSRegionUSEast1 credentialsProvider:credentialsProvider];

[AWSServiceManager defaultServiceManager].defaultServiceConfiguration = configuration;

我正在写Swift,所以我重写了这样的代码:

let awsCognitoCredentialsProvider: AWSCognitoCredentialsProvider
let configuration: AWSServiceConfiguration

self.awsCognitoCredentialsProvider = AWSCognitoCredentialsProvider(regionType: AWSRegionType.USEast1,
    identityPoolId: "us-east-1:6f261e92-dca3-xxxxx-xxxxx-xxxxxxxxxxxx")

self.configuration = AWSServiceConfiguration(region: AWSRegionType.USEast1, credentialsProvider: self.awsCognitoCredentialsProvider)
            AWSServiceManager.defaultServiceManager().defaultServiceConfiguration = self.configuration

它没有任何错误,但我没有在AWS Cognito Console中看到一些身份。我发现了很多代码示例,但它们都像我的一样。请有人帮帮我吧!

1 个答案:

答案 0 :(得分:0)

您是否与Cognito进行过API调用?除非您这样做,否则它不会创建id / get凭据。请参阅有关在Cognito docs中获取Cognito ID的部分。那要么创建id,要么给你一个错误。

相关问题
最新问题