S3/Cloudfront SIgned URL

Thank you for your post!

Feature name

  • Custom Field | S3/CF SIgned URL type

Feature function

  • What will this feature do differently? Currently not available
  • What benefits will this feature bring? Allows S3 storage / secure Cloudfront access
  • Remember to add a tag for each client application that will be affected

Related topics + references

  • Are there any related topics that may help explain the need and function of this feature? Expanded attachment space.
  • Are there any references to this feature or function on other platforms that may be helpful? Not I’m aware of.

Hi @JojieRT and welcome to the community,

I’m just a bit curious about what your request exactly would entail. Could you perhaps expand on what this feature would do?

I would imagine though if you have a self-hosted instance of Bitwarden this can be run anywhere that is supported, be that on-prem or in a public cloud such as AWS.

You should be able to run an instance of Bitwarden with attached S3 buckets for object storage.
I’m not sure familiar with Cloudfront but from what I can gather it is a CDN mixed with a WAF, so you may be able to front your Bitwarden instance with this as well.

If you need further help with rolling out your deployment I also encourage you to feel free to reach out to Bitwarden’s official support.

So instead of having attachments, I could enter a base url as a Custom Text with type eg, SignedURL BW would then convert that into a Signed URL when I click it. There would be a setup for the Key/Secret of course. Right now, if I want to view, say a JPG attachment, I would have to first download it then open it. If it were a clickable URL, it would just open in a browser and the URL expires, etc.

BTW, I was running vaultwarden (still running actually in an EC2 instance) but I realize that now that BW is used by everyone in the extended household, it becomes risky self-hosting should I get hit by a bus, etc.