Open Closed

How to use Cloudfront + S3 for AWS Blob provider #9719

User avatar
0
Bryan-EDV created

Hi ABP,

I am currently using the AwsBlobProvider to upload objects into S3.

However, I want to switch this to CloudFront + S3 for lower latency and better security (S3 will be a private bucket)

Is there a way we can still leverage the BlobProvider but use Cloudfront URL instead of S3?

Thanks

Go to accepted answer
2 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    You can try to override the built-in AWS services for implementation.

    https://github.com/abpframework/abp/tree/dev/framework/src/Volo.Abp.BlobStoring.Aws/Volo/Abp/BlobStoring/Aws https://github.com/abpframework/abp/blob/dev/framework/src/Volo.Abp.BlobStoring.Aws/Volo/Abp/BlobStoring/Aws/DefaultAmazonS3ClientFactory.cs#L16

    Thanks.

  • User Avatar
    0
    AI-Bot created
    Support Team ABP Agent

    To use CloudFront with S3 in ABP's AWS Blob Provider, you need to keep storing files in S3 (using the existing AwsBlobProvider), but serve/download them via CloudFront URLs instead of direct S3 links. The ABP Blob Storing system itself does not natively generate CloudFront URLs; it only manages storage and retrieval from S3.

    How to achieve this:

    1. Continue using AwsBlobProvider for uploads:
      Your current upload logic remains unchanged. Files are stored in your private S3 bucket.

    2. Configure CloudFront to serve your S3 bucket:

      • Set up a CloudFront distribution with your S3 bucket as the origin.
      • Restrict S3 bucket access to CloudFront only (using Origin Access Identity or Origin Access Control).
      • Optionally, enable signed URLs/cookies for secure access.

    3. Generate CloudFront URLs in your application:

      • When you need to provide a download or access link, generate a CloudFront URL instead of an S3 URL.
      • If you use signed URLs, use AWS SDK or a library to generate signed CloudFront URLs for your objects.

    4. Override or extend your application service:

      • In your ABP application service, after uploading or when retrieving a file, construct the CloudFront URL using the object key (the same key used in S3).
      • Example:
    public string GetCloudFrontUrl(string objectKey)
     {
         var cloudFrontDomain = "https://your-distribution.cloudfront.net";
         return $"{cloudFrontDomain}/{objectKey}";
     }
    • For signed URLs, use AWS SDK's Amazon.CloudFront.CloudFrontUrlSigner.

    Summary:

    • Uploads remain via AwsBlobProvider.
    • Downloads/links are generated as CloudFront URLs in your application logic.
    • ABP does not automatically generate CloudFront URLs; you must handle this in your service layer.

    Sources:

    This response was generated by AI. If it didn’t solve your problem, feel free to post a new answer — our support team will jump in to help you soon.

Assignee
User avatar maliming
Question details
Labels
None yet
Learn More, Pay Less
33% OFF
All Trainings!
Get Your Deal
Mastering ABP Framework Book
The Official Guide
Mastering
ABP Framework
Learn More
Mastering ABP Framework Book
Made with ❤️ on ABP v10.0.0-preview. Updated on September 12, 2025, 10:20