I'm just getting started with AWS and I'm setting up a file upload feature for my app. Here's the workflow I've come up with:
1. When a user wants to upload a file, they hit the API endpoint /get-signed-url.
2. The API first checks if the user has reached their daily limit for signed URLs. If they have, it returns an error.
3. If the user already has a signed URL that's still valid, the workflow moves to the next step.
4. If not, the API generates a new signed URL with a 2-hour expiration using the AWS SDK and saves it in the database, incrementing their URL usage count.
5. The API sends the signed URL back to the user.
6. If the user requests another URL before the expiration, the workflow restarts at step 3.
7. The user then uses this URL to upload their file directly to Amazon S3.
8. Each time a file upload occurs, it triggers a Lambda function that checks the uploaded file's size and type. If the file isn't allowed, it gets deleted.
I'm wondering, does this workflow have any potential problems? Am I overlooking anything that could lead to unexpected charges? Any suggestions for improvement would be appreciated!
1 Answer
You might want to check if your users can upload files larger than 5GB. If they can, your current workflow might hit a snag since that requires multipart uploads. Users can hit their limit on signed URLs during a multipart upload, depending on how you handle it.
I was hoping to limit uploads to 50MB, but I couldn't figure it out, so right now, they can upload anything. I can only check the size after it’s already in the bucket.
I can’t prevent users from uploading large files. I do some checking on the front end, but once the file's uploading directly to S3, I can't verify the size beforehand. Any tips on how to manage that?