You run an ad-supported photo sharing website using S3 to serve photos to visitors of your
site. At some point you find out that other sites have been linking to the photos on your site,
causing loss to your business. What is an effective method to mitigate this?
A.
Store photos on an EBS volume of the web server
B.
Remove public read access and use signed URLs with expiry dates.
C.
Use CloudFront distributions for static content.
D.
Block the IPs of the offending websites in Security Groups.
Explanation:
B
B
B
b
B
http://docs.aws.amazon.com/AmazonS3/latest/dev/ShareObjectPreSignedURL.html
All objects by default are private. Only the object owner has permission to access these objects. However, the object owner can optionally share objects with others by creating a pre-signed URL, using their own security credentials, to grant time-limited permission to download the objects.
When you create a pre-signed URL for your object, you must provide your security credentials, specify a bucket name, an object key, specify the HTTP method (GET to download the object) and expiration date and time. The pre-signed URLs are valid only for the specified duration.
Anyone who receives the pre-signed URL can then access the object. For example, if you have a video in your bucket and both the bucket and the object are private, you can share the video with others by generating a pre-signed URL.
B
B