Learn how to share PDFs that have been uploaded to S3 with your users.
Once your PDFs are generated and uploaded to S3, there are a number of ways you can provide them to your customers. We're going to walk through two common methods used to deliver files to users from S3. We’ll also take a look at how you can serve files from a custom domain name and how to implement a content distribution network (CDN) to speed up downloads. Finally, this guide looks at some security considerations when providing files to users from S3.
Option 1 - Making PDFs directly downloadable from S3
If you’d like your users to be able to download PDFs directly from your S3 bucket, you can make the bucket publicly accessible.
First, check the "Public Access Settings" for your bucket. The following two options must be set to False:
"Block new public bucket policies"
"Block public and cross-account access if bucket has public policies"
Bucket with correct public access settings
Next, you’ll need to modify the bucket policy that was created when you created the bucket.
Go to "Bucket Policy" under "Permissions", and add the following bucket policy:
Remember to change myapp-bucket-name to the name of the bucket you're using.
Using this method, your users can download a file using the link as many times as they like whilst the file still exists on S3. If this isn’t desirable for your app, you may prefer to generate pre-signed URLs instead. Generating pre-signed URLs is described below.
Forcing downloads to use HTTPS
You may want to prevent downloads from occurring over unencrypted connections, particularly if your PDFs contain any sensitive data. This can be done by adding the following additional statement to your bucket policy:
Setting up a custom domain name for your downloads
If you’ve set up Cloudfront, it’s relatively straightforward to use your own custom domain name instead of the default cloudfront.net domain. To do this you should have prior experience managing DNS records and provisioning SSL certificates.