You have a bucket with a private
ACL, and you want to share access with only a password. Well,
now you can.
Try it out at https://drfk89hh94pbd.cloudfront.net
The password is hunter2
.
-
Send a link and password to your friend / colleague / lover / apprentice / chef.
-
They enter the password, and click the nice big button.
-
Access is granted!
The bucket is fronted with a CloudFront distribution. The S3 bucket only allows access from the distribution.
The button / form sends off to a Lambda function that verifies the password and then produces a signed cookie. This cookie is retrieved by the form, set in the browser and then you can view the bucket unimpeded! Magic.
Using Terraform? See terraform_example
for a quick-start. You'll need to create a CloudFront key
pair and choose a password and then encrypt them both separately with the KMS key the module
generates. These form the variables in the terraform.tfvars file (see terraform.tfvars.example).
Not using Terraform? That's a shame! I'd love you to contribute a CloudFormation template or instructions.