Update 8.12.2022

We are currently making changes to our S3 Bucket implementation. For the time being, please contact us at support@fetchapp.com to implement a bucket policy.

Thanks!

Setting up your S3 bucket policy can be done by following these instructions:

https://docs.aws.amazon.com/AmazonS3/latest/user-guide/add-bucket-policy.html

For additional security, the following is a sample bucket policy statement that will ONLY allow traffic from a valid order link, and will deny traffic from expired order links:

{
  "Version":"2012-10-17",
  "Id":"http referer policy example",
  "Statement":[
    {
      "Sid":"Allow get requests originating from your FetchApp account from open orders.",
      "Effect":"Allow",
      "Principal":"*",
      "Action":"s3:GetObject",
      "Resource":"arn:aws:s3:::examplebucket/*",
      "Condition":{
        "StringLike":{"aws:Referer":["http://yourhandle.fetchapp.com/get/*"]}
      }
    },
    {
      "Sid":"Deny requests originating from anywhere other than your FetchApp account.",
      "Effect":"Deny",
      "Principal":"*",
      "Action":"s3:GetObject",
      "Resource":"arn:aws:s3:::examplebucket/*",
      "Condition":{
        "StringNotLike":{"aws:Referer":["http://yourhandle.fetchapp.com/get/*"]}
      }

    }
  ]
}

Note: In the above policy, you'll want to replace yourhandle with the handle of your FetchApp account.