Amazon S3
S3 (Simple Storage Service) is an object storage. Its alternatives are
It can be used to store massive amount of files such as images and videos at a very low price. Different types of storage are supported based on access frequency. Infrequent accessed file types such as archives have very low price.
Custom Domain
See Cloudfront about how to set up custom domain.
Restricted Access
AWS has private access permission by default, but there are scenarios where public access is required for use cases such as displaying images on web pages.
Sometimes you don't want to expose full public access, to external users. For example, paid services are only for subscribers.
This is not easy with S3. When you give public access to S3 buckets, it's public. The solution is to use CloudFront, like a proxy.
There are 2 options with AWS CloudFront,
- Signed URls
- Signed Cookie
See CloudFront: Serving private content with signed URLs and signed cookies for more details.
More specifically
- Restricting access to files in Amazon S3 buckets
- Restricting access to Amazon S3 content by using an origin access identity (OAI)
Users can no longer access files using S3 URLs, but through CloudFront. CloudFront serves as a reverse proxy.