Lets say I have a social media app like Instagram. Do I have to get a signed URL for every single image? Each user sees like 100 images, does that mean that it has to get 100 singed URLs for each user?
To make an entire Amazon S3 bucket "public" (or a path within the bucket), use a bucket policy.
From Bucket policy examples - Amazon Simple Storage Service:
The following example policy grants the
s3:GetObjectpermission to any public anonymous users. This permission allows anyone to read the object data, which is useful for when you configure your bucket as a website and want everyone to be able to read objects in the bucket.
{
"Version":"2012-10-17",
"Statement":[
{
"Sid":"PublicRead",
"Effect":"Allow",
"Principal": "*",
"Action":["s3:GetObject","s3:GetObjectVersion"],
"Resource":["arn:aws:s3:::DOC-EXAMPLE-BUCKET/*"]
}
]
}
Before you use a bucket policy to grant read-only permission to an anonymous user, you must disable Block Public Access settings for your bucket.