Aws

Part of the MediaBridge series. Why Not a Normal HTTP Search S3 has no search API. To find a file, you have to list folders. A bucket with a deep directory tree could require hundreds of ListObjectsV2 calls to walk completely, each taking 100-500ms. A synchronous HTTP endpoint would either time out or make the user wait minutes for a response. The alternative is to stream results as they arrive. Start the traversal, send each matching file to the browser the moment it is found, let the user see results accumulating in real time. WebSocket is the natural transport: a single persistent connection that the server writes to continuously. ...

Part of the MediaBridge series. Why Cache S3 at All S3 ListObjectsV2 is not free. Each call costs money, takes time, and returns at most 1,000 objects per page. A bucket with 10,000 files in a single prefix requires 10 paginated S3 calls just to render one folder. Do that on every page load and you burn money, slow the UI, and hit S3 rate limits under concurrent users. Presigned URL generation is also not free. It is CPU work on the server. A folder with 50 files requires 50 presigned PUT or GET URL generations per load if nothing is cached. ...

Part of the MediaBridge series. The Design Premise Most access control systems respond to violations with a 403. You tried to access something you should not have - here is a polite rejection. Come back when you have the right permissions. MediaBridge takes a different position. Certain violation types are not mistakes. A user navigating to a URL they are not supposed to reach is an accident. A user constructing a request with a path outside their assigned root prefix is not. The system treats the latter as an active intrusion attempt and terminates the session immediately, rather than returning a 403 and letting the session continue. ...

Part of the MediaBridge series. The Upload Problem The obvious way to handle file uploads in a web app is to pipe them through the backend: browser sends the file to your server, server writes it to S3. This works. It also means every upload byte travels twice - once from the browser to your server, and again from your server to S3. Your server becomes a bottleneck, your bandwidth bill doubles, and large files tie up server connections. ...

What MediaBridge is a self-hosted file management layer over AWS S3. It gives teams a proper interface for uploading, browsing, and sharing files across multiple S3 buckets without AWS console access and without distributing IAM credentials to individuals. It runs in production managing 33 S3 buckets. Backend: github.com/sagarnayak/mediabridgeBackend-public Frontend: github.com/sagarnayak/mediabridgeFrontend-public Why The access problem Content teams upload files constantly: images for a web app, PDFs for client portals, videos for a dashboard. Those files need to live in S3 and they need URLs. The question is how the team gets them there. ...