DreamObjects: Confusion about Permissions with Buckets vs Objects - Strange Behavior



I set up a DreamObjects test bucket awhile ago. My plan is to set it up with a site that has a lot of people uploading products for sale and these products are designed to be publicly displayed.

When a user uploads a photo, I have this script set up:

define('AWS_KEY', '********************');
define('AWS_SECRET_KEY', '******************************');
define('HOST', 'https://objects-us-west-1.dream.io');

// require the AWS SDK for PHP library

use Aws\S3\S3Client;

// Establish connection with DreamObjects with an S3 client.
$client = S3Client::factory(array(
    'base_url' => HOST,
    'key'      => AWS_KEY,
    'secret'   => AWS_SECRET_KEY

$key         = '250/1/1/1/image.jpg'; // path that describes image saved in our database (thumbnail size, etc).
$source_file = 'image.jpg'; // file uploaded by user
$acl         = 'public-read';
$bucket      = 'mybucket';
$client->upload($bucket, $key, fopen($source_file, 'r'), $acl);

I’m assuming this makes the image object itself “public” and it stays that way permanently and will load up properly for sites visitors? On the bucket itself, there is also a private/public permission. Do I also set this to “public” as well, or are there security concerns I need to be aware of that requires just the bucket to remain private?

My end goal is to simply allow all these images to load up publicly, so how should I set up the permissions for buckets/objects? Right now, I have both of them set to “public”.

Lastly, I am using CNAME to have my own image “i” sub-domain, like (https://i.mydomain.com). I noticed strange behavior on my test site. It seems like if I don’t view the site for a few hours/days and then come back, the images don’t load up anymore even after refreshing the page a few times, and then if I mess around with the permissions and save the same changes again, the images load normally again. I suspect it might have something to do with my alias not having SSL available on my alias, such as my HTTPS domain trying to load (and block) unsecure images, but I an not sure. How do I set up a Let’s Encrypt SSL for https://i.mydomain.com (which has a DNS CNAME to mybucket.objects-us-west-1.dream.io)?

Kind regards


that’s what I would assume. Did you try and got a different result?

If you want the content of the bucket to be readable by anonymous then set the bucket to Public. The docs say Public means that it is possible to view the Bucket properties and a list of the contents of the bucket by navigating to the Bucket URL. More on

I am not sure how to answer your question regarding SSL. I am quite sure you cannot use Let’s Encrypt though but I leave that to answer by someone more expert than me.