AI & Machine Learning
Edge Network
Infrastructure as a Service
Platform as a Service
Virtual & Dedicated Servers
Video Streaming Platform
Security
Cloud for Mobile
Custom Services
By Industry
By Service
Referral Program
Bug Bounty Policy
Compliance
Awards and Recognition
Careers
Internet Peering Points
Events
Infrastructure
S3 storage is a popular asset source for websites, mobile apps, and other web services. Weâre happy to announce our new feature that allows you to connect your S3 bucket with non-public access as an origin to Gcore CDN with ease.
Previously, this option was available only on demand, and required sending a request to the technical support team. Today, connecting a private S3 bucket as an origin is available to everyone, and can be accessed from either the control panel UI or API.
Public and Private S3 Storage
S3 storage is the most popular and convenient solution to store and share static files on the internet. It is fast, simple, and truly scalable. S3 storage is much cheaper than web hosting storage and provides more flexibility when scaling the app.
All uploaded to S3 storage files are organized in buckets with public or private read permissions. If you choose public permission, all the files in the bucket will be available to anyone on the internet without authentication.
Private S3 buckets, on the other hand, allow reading files only for authenticated clients. The authentication process is powered by the AWS Signature V4 algorithm, so you wonât be able to retrieve the assets if you donât have the access keys (access key ID, secret access key).
Learn more about AWS Signature V4: https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html
Private Bucket as an Origin
Using a private S3 bucket as an origin for CDN allows you to deliver your web assets to all website or app users, but keep them secure from direct bucket access. All stored files will be hidden behind the CDNâs edge servers and remain inaccessible without authentication.
How to Connect
This feature is available when you choose âAccelerate and protect static assets onlyâ as an acceleration type for your CDN resource.
To create an origin for your private S3 storage, simply go to the âAdd origins groupâ and select AWS Signature V4 as a type of origin authentication. In this case, only one origin is available within the origins group.
You can choose Amazon S3 storage, in which case the hostname will be pre-filled, or pick Other if youâre using another S3 storage.
If you prefer to manage the infrastructure via API, run the following request:
{
"name": "YourOriginGroup",
"useNext": true,
"auth_type": "awsSignatureV4",
"auth": {
"s3_type": "amazon",
"s3_access_key_id": "EXAMPLEFODNN7EXAMPLE",
"s3_secret_access_key": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
"s3_bucket_name": "bucket_name",
"s3_region": "us-east-2"
}
}
Check out our documentation to learn more about how to manage origins groups via API: https://api.gcore.com/docs/cdn#tag/Origins/operation/create_origin_group.
If you want to proxy other files of your application or website via Gcore CDN, you will need to create one more CDN resource.
Learn more on how to set up private S3 storage as an origin: https://gcore.com/docs/cdn/cdn-resource-options/general/use-a-private-bucket-as-an-origin/
Adding a private S3 storage as an origin for CDN service is a great opportunity for our users to make their operations more flexible while meeting their security and privacy requirements.