Using this free open source AWS S3 Lambda upload example and tutorial you can get your website handling user file uploads to AWS S3 in a secure and scalable architecture. And it will just take a few minutes!
It’s a common use case to have users of your site upload files. The typical approach would be to handle the file upload directly in your application, then copy the file to S3.
The downsides to this approach is it uses a lot of application resources and can tie up threads for long periods of times. What happens if you get a burst of large file uploads all at once, either from a spike in legitimate traffic, or from a malicious resource exhaustion attack? There are serious scalability issues to consider.
A better approach is to have the end user upload the file directly to AWS S3. Your application doesn’t need to spend any resources on file upload handling, and the approach is inherently auto scaling. However you need to be sure you do this in a way that doesn’t open your S3 bucket to the public and that doesn’t expose any of your AWS credentials to the end user. Luckily S3 supports a feature called pre-signed URLs, in which a specially generated URL, with a security token, can allow limited access to an S3 bucket within a specific time window.
While this looks more complex, it’s actually extremely simple and works independently from your application. You can get a working, scalable, file upload solution in just a few minutes, no matter what your website is built with. It works with all file types and it doesn’t matter if your website is built with Java, Ruby on Rails, or just HTML. Check out the project here on GitHub: S3-Lambda-Uploader. You’ll be surprised at how simple it is!
P.S. If you’ve been working with HTTP based S3 uploads and are getting a Preflight Request Failure or access control error, check out the CORS configuration in Step 1 of the instructions!