I'm uploading videos to an AWS s3 bucket. That's working great.
I now need to render those videos via Nationbuilder templates, which will look like <video><source src="...s3_url"></video>
From my current testing, I'm getting a 403 forbidden error when the page tries to load the video, but when I visit the s3 link I CAN view the video.
What I've tried:
- I've 'unblocked' ALL public access
- I tried the opening CORS:
[
{
"AllowedHeaders": [
"*"
],
"AllowedMethods": [
"GET"
],
"AllowedOrigins": [
"*"
],
"ExposeHeaders": []
}
]
- I tried opening via "Bucket policies":
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PublicReadGetObject",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::<bucketname>/*"
}
]
}
What I can't tell, is where/how I should be giving permission for my website "videoexample.com" to access the s3 bucket.
The possibilities from what I've read so far seem to be:
- CORS (AWS > S3 > Bucket > Permissions)
- "access control lists" (ACLs)
- "bucket policies"
- "access point policies"
- or possibly "Access Points"
- or still possibly via IAM:
s3:PutObjectAcl, ors3:PutObject.
From AWS > S3 > Bucket > Permissions
Block public access (bucket settings) Public access is granted to buckets and objects through access control lists (ACLs), bucket policies, access point policies, or all.
I'd really appreciate any pointers/suggestions/explanations.
Will continue reading in the meantime.
Best
Pete