{"id":86357,"date":"2024-12-01T18:44:53","date_gmt":"2024-12-01T15:14:53","guid":{"rendered":"https:\/\/nabfollower.com\/blog\/securing-your-spring-boot-fortress-best-practices-for-robust-applications-4f8c\/"},"modified":"2024-12-01T18:44:53","modified_gmt":"2024-12-01T15:14:53","slug":"securing-your-spring-boot-fortress-best-practices-for-robust-applications-4f8c","status":"publish","type":"post","link":"https:\/\/nabfollower.com\/blog\/securing-your-spring-boot-fortress-best-practices-for-robust-applications-4f8c\/","title":{"rendered":"\u0627\u06cc\u0645\u0646 \u06a9\u0631\u062f\u0646 \u0642\u0644\u0639\u0647 \u0686\u06a9\u0645\u0647 \u0647\u0627\u06cc \u0641\u0646\u0631\u06cc: \u0628\u0647\u062a\u0631\u06cc\u0646 \u0631\u0648\u0634 \u0647\u0627 \u0628\u0631\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u0647\u0627\u06cc \u0642\u0648\u06cc"},"content":{"rendered":"

Summarize this content to 400 words in Persian Lang <\/p>\n

\u0642\u0627\u0628\u0644\u06cc\u062a \u0647\u0627\u06cc \u062a\u0648\u0633\u0639\u0647 \u0633\u0631\u06cc\u0639 Spring Boot \u0628\u0631\u0627\u06cc \u062a\u0648\u0633\u0639\u0647 \u062f\u0647\u0646\u062f\u06af\u0627\u0646 \u06cc\u06a9 \u0646\u0639\u0645\u062a \u0627\u0633\u062a\u060c \u0627\u0645\u0627 \u0627\u0645\u0646\u06cc\u062a \u0628\u0627\u06cc\u062f \u0627\u0632 \u0647\u0645\u0627\u0646 \u0627\u0628\u062a\u062f\u0627 \u062f\u0631 \u062a\u0627\u0631 \u0648 \u067e\u0648\u062f \u0628\u0631\u0646\u0627\u0645\u0647 \u0634\u0645\u0627 \u0648\u062c\u0648\u062f \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u062f. \u0627\u06cc\u0646 \u067e\u0633\u062a \u0639\u0645\u06cc\u0642\u0627\u064b \u0628\u0647 \u0628\u0647\u062a\u0631\u06cc\u0646 \u0634\u06cc\u0648\u0647\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0628\u0631\u0627\u06cc \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc Spring Boot\u060c \u06a9\u0627\u0648\u0634 \u062f\u0631 \u0645\u0648\u0627\u0631\u062f \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u062f\u0631 \u062f\u0646\u06cc\u0627\u06cc \u0648\u0627\u0642\u0639\u06cc\u060c \u0645\u0642\u0627\u06cc\u0633\u0647 \u0648\u06cc\u0698\u06af\u06cc\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc AWS \u0628\u0627 \u0633\u0627\u06cc\u0631 \u0627\u0631\u0627\u0626\u0647\u200c\u062f\u0647\u0646\u062f\u06af\u0627\u0646 \u0627\u0628\u0631\u06cc \u0648 \u0628\u0647 \u0627\u0648\u062c \u0631\u0633\u06cc\u062f\u0646 \u0633\u0646\u0627\u0631\u06cc\u0648\u06cc \u06cc\u06a9\u067e\u0627\u0631\u0686\u0647\u200c\u0633\u0627\u0632\u06cc \u067e\u06cc\u0634\u0631\u0641\u062a\u0647 \u0645\u06cc\u200c\u067e\u0631\u062f\u0627\u0632\u062f.<\/p>\n

\u0645\u0642\u062f\u0645\u0647<\/p>\n

Spring Security\u060c \u0645\u0627\u0698\u0648\u0644 \u0627\u0645\u0646\u06cc\u062a\u06cc Spring Boot\u060c \u0686\u0627\u0631\u0686\u0648\u0628\u06cc \u0642\u0648\u06cc \u0628\u0631\u0627\u06cc \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a\u060c \u0645\u062c\u0648\u0632 \u0648 \u0645\u062d\u0627\u0641\u0638\u062a \u062f\u0631 \u0628\u0631\u0627\u0628\u0631 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627\u06cc \u0631\u0627\u06cc\u062c \u0648\u0628 \u0627\u0631\u0627\u0626\u0647 \u0645\u06cc \u062f\u0647\u062f. \u0627\u062c\u0631\u0627\u06cc \u0645\u0648\u062b\u0631 \u0627\u06cc\u0646 \u0645\u0648\u0627\u0631\u062f \u0628\u0631\u0627\u06cc \u0627\u06cc\u0645\u0646 \u0633\u0627\u0632\u06cc \u0628\u0631\u0646\u0627\u0645\u0647 \u0634\u0645\u0627 \u0648 \u0645\u062d\u0627\u0641\u0638\u062a \u0627\u0632 \u062f\u0627\u062f\u0647 \u0647\u0627\u06cc \u062d\u0633\u0627\u0633 \u0628\u0633\u06cc\u0627\u0631 \u0645\u0647\u0645 \u0627\u0633\u062a.<\/p>\n

\u067e\u0646\u062c \u0645\u0648\u0631\u062f \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0639\u0645\u06cc\u0642 \u062f\u0631 \u062f\u0646\u06cc\u0627\u06cc \u0648\u0627\u0642\u0639\u06cc<\/p>\n

API \u0647\u0627\u06cc REST \u0627\u06cc\u0645\u0646 \u0628\u0627 JWT (JSON Web Token): JWT \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0628\u062f\u0648\u0646 \u062d\u0627\u0644\u062a\u060c \u0627\u06cc\u062f\u0647 \u0622\u0644 \u0628\u0631\u0627\u06cc \u0645\u06cc\u06a9\u0631\u0648\u0633\u0631\u0648\u06cc\u0633 \u0647\u0627 \u0648 \u0633\u06cc\u0633\u062a\u0645 \u0647\u0627\u06cc \u062a\u0648\u0632\u06cc\u0639 \u0634\u062f\u0647 \u0627\u0631\u0627\u0626\u0647 \u0645\u06cc \u062f\u0647\u062f. Spring Security \u0628\u0647 \u0637\u0648\u0631 \u06cc\u06a9\u067e\u0627\u0631\u0686\u0647 \u0628\u0627 JWT \u0627\u062f\u063a\u0627\u0645 \u0645\u06cc \u0634\u0648\u062f \u0648 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u06cc\u0645\u0646 API \u0631\u0627 \u0627\u0645\u06a9\u0627\u0646 \u067e\u0630\u06cc\u0631 \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n

* **Technical Implementation:** Utilize `@EnableWebSecurity` and extend `WebSecurityConfigurerAdapter`. Configure `JwtAuthenticationFilter` to intercept requests and validate JWTs. Use `antMatchers()` to define secured endpoints.
\n* **Benefits:** Enhanced security, reduced overhead compared to session management, and improved scalability.<\/p>\n

\u0648\u0627\u0631\u062f \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0634\u0648\u06cc\u062f<\/p>\n

\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/p>\n

\u0627\u062f\u063a\u0627\u0645 OAuth 2.0 \u0628\u0631\u0627\u06cc \u0648\u0631\u0648\u062f \u0627\u062c\u062a\u0645\u0627\u0639\u06cc: \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0631\u0627 \u0642\u0627\u062f\u0631 \u0645\u06cc \u0633\u0627\u0632\u062f \u062a\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u067e\u0644\u062a\u0641\u0631\u0645 \u0647\u0627\u06cc \u0627\u062c\u062a\u0645\u0627\u0639\u06cc (\u06af\u0648\u06af\u0644\u060c \u0641\u06cc\u0633 \u0628\u0648\u06a9 \u0648 \u063a\u06cc\u0631\u0647) \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u067e\u0634\u062a\u06cc\u0628\u0627\u0646\u06cc Spring Security OAuth 2.0 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u06a9\u0646\u0646\u062f.<\/p>\n

* **Technical Implementation:** Leverage Spring Security OAuth 2.0 client library. Configure client registration and redirect URIs for each provider. Implement custom `OAuth2UserService` to handle user details.
\n* **Benefits:** Simplified user onboarding, improved user experience, and reduced development effort.<\/p>\n

\u0648\u0627\u0631\u062f \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0634\u0648\u06cc\u062f<\/p>\n

\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/p>\n

\u06a9\u0646\u062a\u0631\u0644 \u062f\u0633\u062a\u0631\u0633\u06cc \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0646\u0642\u0634 (RBAC): \u0627\u062c\u0631\u0627\u06cc \u06a9\u0646\u062a\u0631\u0644 \u062f\u0633\u062a\u0631\u0633\u06cc \u06af\u0631\u0627\u0646\u0648\u0644 \u0628\u0631 \u0627\u0633\u0627\u0633 \u0646\u0642\u0634 \u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631. Spring Security \u062d\u0627\u0634\u06cc\u0647 \u0646\u0648\u06cc\u0633\u06cc \u0647\u0627\u06cc\u06cc \u0645\u0627\u0646\u0646\u062f @PreAuthorize \u0648 @PostAuthorize \u0628\u0631\u0627\u06cc \u0645\u062c\u0648\u0632 \u0631\u06cc\u0632\u062f\u0627\u0646\u0647<\/p>\n

* **Technical Implementation:** Define roles and assign them to users. Use SpEL expressions within security annotations to enforce access based on roles and other criteria.
\n* **Benefits:** Enhanced security, granular control over access, and improved compliance.<\/p>\n

\u0648\u0627\u0631\u062f \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0634\u0648\u06cc\u062f<\/p>\n

\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/p>\n

\u0645\u062d\u0627\u0641\u0638\u062a \u062f\u0631 \u0628\u0631\u0627\u0628\u0631 \u0627\u0633\u06a9\u0631\u06cc\u067e\u062a \u0628\u06cc\u0646 \u0633\u0627\u06cc\u062a\u06cc (XSS): \u067e\u0634\u062a\u06cc\u0628\u0627\u0646\u06cc \u0627\u0632 \u0633\u06cc\u0627\u0633\u062a \u0627\u0645\u0646\u06cc\u062a\u06cc \u0645\u062d\u062a\u0648\u0627\u06cc Spring Security (CSP) \u0628\u0647 \u06a9\u0627\u0647\u0634 \u062d\u0645\u0644\u0627\u062a XSS \u06a9\u0645\u06a9 \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n

* **Technical Implementation:** Configure CSP headers using `HttpSecurity`. Define allowed origins for scripts, styles, and other resources. Utilize Spring’s HTML sanitization features.
\n* **Benefits:** Reduced vulnerability to XSS attacks, improved browser security, and enhanced user trust.<\/p>\n

\u0648\u0627\u0631\u062f \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0634\u0648\u06cc\u062f<\/p>\n

\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/p>\n

\u067e\u06cc\u0627\u062f\u0647 \u0633\u0627\u0632\u06cc \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0686\u0646\u062f \u0639\u0627\u0645\u0644\u06cc (MFA): \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 MFA \u06cc\u06a9 \u0644\u0627\u06cc\u0647 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0627\u0636\u0627\u0641\u06cc \u0627\u0636\u0627\u0641\u0647 \u06a9\u0646\u06cc\u062f. Spring Security \u0627\u0632 \u0627\u0631\u0627\u0626\u0647 \u062f\u0647\u0646\u062f\u06af\u0627\u0646 \u0645\u062e\u062a\u0644\u0641 MFA \u0645\u0627\u0646\u0646\u062f Google Authenticator \u0648 \u06af\u0630\u0631\u0648\u0627\u0698\u0647 \u06cc\u06a9 \u0628\u0627\u0631 \u0645\u0635\u0631\u0641 \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0632\u0645\u0627\u0646 (TOTP) \u067e\u0634\u062a\u06cc\u0628\u0627\u0646\u06cc \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n

* **Technical Implementation:** Integrate with an MFA provider library. Implement authentication logic to validate the second factor during login.
\n* **Benefits:** Significantly enhanced security, reduced risk of unauthorized access, and improved compliance with security regulations.<\/p>\n

\u0648\u0627\u0631\u062f \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0634\u0648\u06cc\u062f<\/p>\n

\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/p>\n

\u0645\u0646\u0627\u0628\u0639 \u0645\u0634\u0627\u0628\u0647 \u0627\u0632 \u0633\u0627\u06cc\u0631 \u0627\u0631\u0627\u0626\u0647 \u062f\u0647\u0646\u062f\u06af\u0627\u0646 \u0627\u0628\u0631<\/p>\n

\u06cc\u0627\u062f\u06af\u06cc\u0631\u06cc AWS: \u062e\u062f\u0645\u0627\u062a \u0645\u062f\u06cc\u0631\u06cc\u062a \u06a9\u0627\u0631\u0628\u0631\u060c \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0648 \u0645\u062c\u0648\u0632 \u0631\u0627 \u0627\u0631\u0627\u0626\u0647 \u0645\u06cc \u062f\u0647\u062f. \u0627\u062c\u0632\u0627\u06cc \u0631\u0627\u0628\u0637 \u06a9\u0627\u0631\u0628\u0631\u06cc \u0627\u0632 \u067e\u06cc\u0634 \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0631\u0627 \u0628\u0631\u0627\u06cc \u062b\u0628\u062a \u0646\u0627\u0645 \u0648 \u0648\u0631\u0648\u062f \u06a9\u0627\u0631\u0628\u0631 \u0641\u0631\u0627\u0647\u0645 \u0645\u06cc \u06a9\u0646\u062f. AWS Cognito Documentation<\/p>\n

Azure Active Directory B2C: \u0633\u0631\u0648\u06cc\u0633 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0647\u0648\u06cc\u062a \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0627\u0628\u0631 \u0628\u0631\u0627\u06cc \u0628\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0628\u0627 \u0645\u0634\u062a\u0631\u06cc. \u0627\u0632 \u067e\u0631\u0648\u062a\u06a9\u0644 \u0647\u0627\u06cc \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0645\u062e\u062a\u0644\u0641\u060c \u0627\u0632 \u062c\u0645\u0644\u0647 OAuth 2.0 \u0648 OpenID Connect \u067e\u0634\u062a\u06cc\u0628\u0627\u0646\u06cc \u0645\u06cc \u06a9\u0646\u062f. \u0645\u0633\u062a\u0646\u062f\u0627\u062a Azure AD B2C<\/p>\n

Google Cloud Identity Platform: \u062e\u062f\u0645\u0627\u062a \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a\u060c \u0645\u062c\u0648\u0632\u060c \u0648 \u0645\u062f\u06cc\u0631\u06cc\u062a \u06a9\u0627\u0631\u0628\u0631 \u0631\u0627 \u0627\u0631\u0627\u0626\u0647 \u0645\u06cc \u062f\u0647\u062f. \u0627\u0632 \u0631\u0648\u0634 \u0647\u0627\u06cc \u0645\u062e\u062a\u0644\u0641 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a\u060c \u0627\u0632 \u062c\u0645\u0644\u0647 \u0648\u0631\u0648\u062f \u0628\u0647 \u0633\u06cc\u0633\u062a\u0645 \u0627\u062c\u062a\u0645\u0627\u0639\u06cc \u0648 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0628\u062f\u0648\u0646 \u0631\u0645\u0632 \u0639\u0628\u0648\u0631 \u067e\u0634\u062a\u06cc\u0628\u0627\u0646\u06cc \u0645\u06cc \u06a9\u0646\u062f. \u0627\u0633\u0646\u0627\u062f \u067e\u0644\u062a\u0641\u0631\u0645 \u0647\u0648\u06cc\u062a \u0627\u0628\u0631\u06cc Google<\/p>\n

\u0646\u062a\u06cc\u062c\u0647 \u06af\u06cc\u0631\u06cc<\/p>\n

\u0627\u062c\u0631\u0627\u06cc \u0634\u06cc\u0648\u0647 \u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0642\u0648\u06cc \u0628\u0631\u0627\u06cc \u0628\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc Spring Boot \u0628\u0633\u06cc\u0627\u0631 \u0645\u0647\u0645 \u0627\u0633\u062a. \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0648\u06cc\u0698\u06af\u06cc\u200c\u0647\u0627\u06cc \u062c\u0627\u0645\u0639 Spring Security\u060c \u0647\u0645\u0631\u0627\u0647 \u0628\u0627 \u0628\u0647\u062a\u0631\u06cc\u0646 \u0631\u0648\u0634\u200c\u0647\u0627 \u0645\u0627\u0646\u0646\u062f \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u0648\u0631\u0648\u062f\u06cc \u0648 \u0645\u0645\u06cc\u0632\u06cc\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0645\u0646\u0638\u0645\u060c \u0628\u0631\u0646\u0627\u0645\u0647 \u0634\u0645\u0627 \u0631\u0627 \u062f\u0631 \u0628\u0631\u0627\u0628\u0631 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0627\u062d\u062a\u0645\u0627\u0644\u06cc \u062a\u0642\u0648\u06cc\u062a \u0645\u06cc\u200c\u06a9\u0646\u062f\u060c \u0627\u0632 \u062f\u0627\u062f\u0647\u200c\u0647\u0627\u06cc \u062d\u0633\u0627\u0633 \u0645\u062d\u0627\u0641\u0638\u062a \u0645\u06cc\u200c\u06a9\u0646\u062f \u0648 \u0627\u0639\u062a\u0645\u0627\u062f \u06a9\u0627\u0631\u0628\u0631 \u0631\u0627 \u062d\u0641\u0638 \u0645\u06cc\u200c\u06a9\u0646\u062f.<\/p>\n

\u0645\u0648\u0631\u062f \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u067e\u06cc\u0634\u0631\u0641\u062a\u0647: \u0627\u062f\u063a\u0627\u0645 \u0628\u0627 \u0645\u0646\u0627\u0628\u0639 AWS (\u0686\u0634\u0645 \u0627\u0646\u062f\u0627\u0632 \u0645\u0639\u0645\u0627\u0631 \u0631\u0627\u0647 \u062d\u0644)<\/p>\n

\u0633\u0646\u0627\u0631\u06cc\u0648\u06cc\u06cc \u0631\u0627 \u062a\u0635\u0648\u0631 \u06a9\u0646\u06cc\u062f \u06a9\u0647 \u062f\u0631 \u0622\u0646 \u06cc\u06a9 \u0628\u0631\u0646\u0627\u0645\u0647 Spring Boot\u060c \u0645\u0633\u062a\u0642\u0631 \u062f\u0631 AWS Elastic Beanstalk\u060c \u0646\u06cc\u0627\u0632 \u0628\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0645\u0646\u0627\u0628\u0639 \u0627\u06cc\u0645\u0646 \u0634\u062f\u0647 \u062a\u0648\u0633\u0637 AWS Identity and Access Management (IAM) \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u062f. \u0627\u06cc\u0646 \u0627\u0645\u0631 \u0645\u0633\u062a\u0644\u0632\u0645 \u0627\u062f\u063a\u0627\u0645 Spring Security \u0628\u0627 \u0646\u0642\u0634 \u0647\u0627 \u0648 \u0633\u06cc\u0627\u0633\u062a \u0647\u0627\u06cc AWS IAM \u0627\u0633\u062a.<\/p>\n

\u067e\u06cc\u0627\u062f\u0647 \u0633\u0627\u0632\u06cc \u0641\u0646\u06cc: \u0627\u0632 AWS SDK \u0628\u0631\u0627\u06cc \u062c\u0627\u0648\u0627 \u0628\u0631\u0627\u06cc \u062a\u0639\u0627\u0645\u0644 \u0628\u0627 IAM \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f. \u06cc\u06a9 \u0633\u0641\u0627\u0631\u0634 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f AuthenticationProvider \u06a9\u0647 \u0627\u0639\u062a\u0628\u0627\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u0645\u0648\u0642\u062a \u0631\u0627 \u0627\u0632 \u0633\u0631\u0648\u06cc\u0633 \u0631\u0645\u0632 \u0627\u0645\u0646\u06cc\u062a\u06cc AWS (STS) \u0628\u0631 \u0627\u0633\u0627\u0633 \u0646\u0642\u0634 IAM \u06a9\u0627\u0631\u0628\u0631 \u0628\u0627\u0632\u06cc\u0627\u0628\u06cc \u0645\u06cc \u06a9\u0646\u062f. \u0627\u06cc\u0646 \u0627\u0631\u0627\u0626\u0647 \u062f\u0647\u0646\u062f\u0647 \u0631\u0627 \u0628\u0627 \u062c\u0631\u06cc\u0627\u0646 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a Spring Security \u06cc\u06a9\u067e\u0627\u0631\u0686\u0647 \u06a9\u0646\u06cc\u062f. \u0627\u0632 \u0627\u0639\u062a\u0628\u0627\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u0628\u0627\u0632\u06cc\u0627\u0628\u06cc \u0634\u062f\u0647 \u0628\u0631\u0627\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0633\u0627\u06cc\u0631 \u0645\u0646\u0627\u0628\u0639 AWS \u0645\u0627\u0646\u0646\u062f S3 \u06cc\u0627 DynamoDB \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f.
\n\u0645\u0632\u0627\u06cc\u0627: \u0627\u062f\u063a\u0627\u0645 \u06cc\u06a9\u067e\u0627\u0631\u0686\u0647 \u0628\u0627 \u0627\u06a9\u0648\u0633\u06cc\u0633\u062a\u0645 AWS\u060c \u0627\u0641\u0632\u0627\u06cc\u0634 \u0627\u0645\u0646\u06cc\u062a \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0646\u0642\u0634\u200c\u0647\u0627\u06cc IAM \u0648 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0627\u0639\u062a\u0628\u0627\u0631 \u0633\u0627\u062f\u0647\u200c\u062a\u0631. \u0627\u06cc\u0646 \u0631\u0648\u06cc\u06a9\u0631\u062f \u0646\u06cc\u0627\u0632 \u0628\u0647 \u0630\u062e\u06cc\u0631\u0647 \u0627\u0639\u062a\u0628\u0627\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u0628\u0644\u0646\u062f\u0645\u062f\u062a \u0631\u0627 \u062f\u0631 \u0628\u0631\u0646\u0627\u0645\u0647 \u062d\u0630\u0641 \u0645\u06cc \u06a9\u0646\u062f \u0648 \u062e\u0637\u0631\u0627\u062a \u0627\u0645\u0646\u06cc\u062a\u06cc \u0631\u0627 \u0628\u0647 \u0645\u06cc\u0632\u0627\u0646 \u0642\u0627\u0628\u0644 \u062a\u0648\u062c\u0647\u06cc \u06a9\u0627\u0647\u0634 \u0645\u06cc \u062f\u0647\u062f. \u0627\u062f\u063a\u0627\u0645 \u0628\u06cc\u0634\u062a\u0631 \u0628\u0627 AWS Web Application Firewall (WAF) \u0644\u0627\u06cc\u0647 \u062f\u06cc\u06af\u0631\u06cc \u0627\u0632 \u0645\u062d\u0627\u0641\u0638\u062a \u062f\u0631 \u0628\u0631\u0627\u0628\u0631 \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0647\u0627\u06cc \u0631\u0627\u06cc\u062c \u0648\u0628 \u0631\u0627 \u0627\u0636\u0627\u0641\u0647 \u0645\u06cc \u06a9\u0646\u062f.
\n\u0646\u0645\u0648\u062f\u0627\u0631 (\u0645\u0641\u0647\u0648\u0645\u06cc):<\/p>\n[User] –> [Spring Boot App (Elastic Beanstalk)] –> [AWS STS (AssumeRole)] –> [Temporary Credentials] –> [AWS S3\/DynamoDB]\n

\u0648\u0627\u0631\u062f \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0634\u0648\u06cc\u062f<\/p>\n

\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/p>\n

\u0628\u0627 \u0627\u062c\u0631\u0627\u06cc \u0627\u06cc\u0646 \u0628\u0647\u062a\u0631\u06cc\u0646 \u0634\u06cc\u0648\u0647 \u0647\u0627 \u0648 \u062f\u0631 \u0646\u0638\u0631 \u06af\u0631\u0641\u062a\u0646 \u0633\u0646\u0627\u0631\u06cc\u0648\u0647\u0627\u06cc \u06cc\u06a9\u067e\u0627\u0631\u0686\u0647 \u0633\u0627\u0632\u06cc \u067e\u06cc\u0634\u0631\u0641\u062a\u0647\u060c \u0645\u06cc \u062a\u0648\u0627\u0646\u06cc\u062f \u0628\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc Spring Boot \u0628\u0633\u06cc\u0627\u0631 \u0627\u0645\u0646 \u0648 \u0627\u0646\u0639\u0637\u0627\u0641 \u067e\u0630\u06cc\u0631 \u0631\u0627 \u0631\u0648\u06cc AWS \u0628\u0633\u0627\u0632\u06cc\u062f. \u0628\u0647 \u062e\u0627\u0637\u0631 \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u06cc\u062f \u06a9\u0647 \u0628\u0647 \u0627\u0635\u0644 \u06a9\u0645\u062a\u0631\u06cc\u0646 \u0627\u0645\u062a\u06cc\u0627\u0632 \u067e\u0627\u06cc\u0628\u0646\u062f \u0628\u0627\u0634\u06cc\u062f \u0648 \u0628\u0647 \u0637\u0648\u0631 \u0645\u062f\u0627\u0648\u0645 \u0648\u0636\u0639\u06cc\u062a \u0627\u0645\u0646\u06cc\u062a\u06cc \u062e\u0648\u062f \u0631\u0627 \u06a9\u0646\u062a\u0631\u0644 \u0648 \u0628\u0647 \u0631\u0648\u0632 \u06a9\u0646\u06cc\u062f \u062a\u0627 \u0627\u0632 \u062a\u0647\u062f\u06cc\u062f\u0627\u062a \u062f\u0631 \u062d\u0627\u0644 \u062a\u062d\u0648\u0644 \u062c\u0644\u0648\u062a\u0631 \u0628\u0645\u0627\u0646\u06cc\u062f.<\/p>\n

\u0645\u0631\u0627\u062c\u0639:<\/p>\n

\n

<\/p>\n

\u0642\u0627\u0628\u0644\u06cc\u062a \u0647\u0627\u06cc \u062a\u0648\u0633\u0639\u0647 \u0633\u0631\u06cc\u0639 Spring Boot \u0628\u0631\u0627\u06cc \u062a\u0648\u0633\u0639\u0647 \u062f\u0647\u0646\u062f\u06af\u0627\u0646 \u06cc\u06a9 \u0646\u0639\u0645\u062a \u0627\u0633\u062a\u060c \u0627\u0645\u0627 \u0627\u0645\u0646\u06cc\u062a \u0628\u0627\u06cc\u062f \u0627\u0632 \u0647\u0645\u0627\u0646 \u0627\u0628\u062a\u062f\u0627 \u062f\u0631 \u062a\u0627\u0631 \u0648 \u067e\u0648\u062f \u0628\u0631\u0646\u0627\u0645\u0647 \u0634\u0645\u0627 \u0648\u062c\u0648\u062f \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u062f. \u0627\u06cc\u0646 \u067e\u0633\u062a \u0639\u0645\u06cc\u0642\u0627\u064b \u0628\u0647 \u0628\u0647\u062a\u0631\u06cc\u0646 \u0634\u06cc\u0648\u0647\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0628\u0631\u0627\u06cc \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc Spring Boot\u060c \u06a9\u0627\u0648\u0634 \u062f\u0631 \u0645\u0648\u0627\u0631\u062f \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u062f\u0631 \u062f\u0646\u06cc\u0627\u06cc \u0648\u0627\u0642\u0639\u06cc\u060c \u0645\u0642\u0627\u06cc\u0633\u0647 \u0648\u06cc\u0698\u06af\u06cc\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc AWS \u0628\u0627 \u0633\u0627\u06cc\u0631 \u0627\u0631\u0627\u0626\u0647\u200c\u062f\u0647\u0646\u062f\u06af\u0627\u0646 \u0627\u0628\u0631\u06cc \u0648 \u0628\u0647 \u0627\u0648\u062c \u0631\u0633\u06cc\u062f\u0646 \u0633\u0646\u0627\u0631\u06cc\u0648\u06cc \u06cc\u06a9\u067e\u0627\u0631\u0686\u0647\u200c\u0633\u0627\u0632\u06cc \u067e\u06cc\u0634\u0631\u0641\u062a\u0647 \u0645\u06cc\u200c\u067e\u0631\u062f\u0627\u0632\u062f.<\/p>\n

\n
\n

\u0641\u0647\u0631\u0633\u062a \u0645\u0637\u0627\u0644\u0628<\/p>\nToggle<\/span><\/path><\/svg><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n