Tags: django, amazon-web-services, heroku, amazon-s3, django-settings

AWS access key is showing up in browser url when accessing the s3 content from heroku


I have deployed my Django app to Heroku and am using an Amazon S3 bucket to store the static files, and I see there are no issues in getting data from the S3 bucket to Heroku. But when I'm testing to see the content storage location, I'm getting the URL path together with the AccessKeyId:

https://myapp.s3.amazonaws.com/img/front_cover.JPG?AWSAccessKeyId=AKIAXPKPZLYKLRB7DR4N&Signature=JzTU0DpmbGSBRpYHwV8Dvt0p1QQ%3D&Expires=1590936351

So I'm concerned about the access key ID showing up in the browser URL. Do we have an option to disable this in Heroku, in the Django settings, or in AWS?


Solution

  • This is a presigned URL, and the AWSAccessKeyId is actually part of its structure.

    Both this and the Signature need to match for this to be displayed to the end user.

    If security is a concern, just generate an IAM user with minimum permissions. Remember that the secret key should be kept secret, though; this is the equivalent of a password. An access key, however, is actually retrievable by anyone in your AWS account; it is closer to a username.