Creating a secure method for users to upload files directly to an S3 bucket is a common requirement in modern web applications.
By using pre-signed URLs, you can allow a client to upload a file directly to S3 without exposing your AWS credentials, they also provide a secure mechanism to upload files directly to S3 from a client, avoiding the need to pass the file data through your server.
In this tutorial, we will leverage the Nitric SDK in Go to generate secure upload URLs for an S3 bucket, which can then be used from your front-end application.
If you haven't used the Nitric SDK before, then start with this tutorial.
Pre-Requisites:
- Go installed on your machine.
- Nitric SDK for Go.
Step 1: Initialize Nitric Bucket Instance
Inside the main function, initialize a new Nitric bucket instance with the name of your S3 bucket.
import (
"context"
"fmt"
"github.com/nitrictech/go-sdk/nitric"
)
func main() {
bucket, err := nitric.NewBucket("bucket-name").With(nitric.BucketWriting)
if err != nil {
return
}
// TODO: Implement secure upload URL
if err := nitric.Run(); err != nil {
fmt.Println(err)
}
}
Step 2: Generate a Secure Upload URL
Now, generate a secure upload URL for a specific file. In this example, we are creating a URL for uploading a file named cat.png. We also specify a time-to-live (TTL) for the URL of 3600 seconds (1 hour).
uploadUrl, err := bucket.File("cat.png").UploadUrl(context.TODO(), 600)
if err != nil {
return
}
Now, you have a secure upload URL for your cat.png file. You can use this URL in your front-end application to securely upload the cat.png file to your S3 bucket. The URL will expire after 1 hour, ensuring that the upload URL cannot be misused after a reasonable amount of time.
This setup abstracts much of the boilerplate and complexity involved in generating pre-signed URLs for S3, allowing developers to focus more on building their applications.
The Nitric SDK offers a streamlined approach to interacting with AWS S3, among other cloud services, in a cloud-agnostic manner.
Top comments (0)