When a user uploads his photos it will be stored on CDN or DFS. Once a link is generated on either of this approach and link becomes public any person will be able to acess that file. I want to enforce a user level restrictions.
For Eg If I have three users A,B and C and A & B are friends If A uploads photos to my system only B should be able to see it. Even if C get the link it should restrict access to C.
How do I implement such restrictions
I Tried reading on CDN and DFS but could not find any user level access to implement the ask
If you are using CloudFront as your CDN provider, then you can use signed URLs to control access to private content (See docs). Alternatively, you can just use S3 pre-signed URLs directly, with the caveat that they would no longer be served via CDN.
Both approaches allow you to have expiration on the URL, which reduces risk of URLs being shared.