I can generate my signed urls the AWS-SDK node package, and I could confirm they work when my bucket is set as public.
However, I can't find where I can set the parameters mentioned here:
Restrict Bucket Access : Yes
Origin Access Identity : Use an Existing Identity
Restrict Viewer Access(Use Signed URLs) : Yes
Trusted Signers : Self
I do not use Cloudfront and it looks like Cloudfront specifics
Is there any way to set these up (or produce an equivalent behavior) using S3 only? i.e. bucket private by default, only urls signed by one of my IAM users can be served.