Question: Recommendations for using 'electron-builder' with the 's3' provider in private buckets

[luucasrb]

Description

For corporate reasons, the application bundle I work on cannot be publicly exposed and must be shared in an private S3 bucket. We send the credentials (SECRET and ACCESS keys) to clients for them to download the executable. For these reasons, when configuring electron-updater with the provider: 's3' and acl: 'private' in AppImageUpdater and NsisUpdater, I receive the http 403 error.

I understand that in other issues (such as #5587), there are recommendations to make the bucket public (and in this case, I can indeed download and auto-update on the client-side without configuring the keys). However, it is not an option in my scenario, so:

• What would be the official recommendation for cases where downloading from a private bucket is mandatory, and there is no issue with sharing the AWS keys?
• Would it be a possibility to have native support for this in electron-updater, where we can add private keys in the constructors that use the 's3' provider?

I would greatly appreciate your guidance on this matter!

• Electron-Builder Version: 24.9.1

• Node Version: 16.17.1

• Electron Version: 25.1.0

• Target: AppImage (linux), tar.gz (linux), NSIS (windows), portable (windows)

[cblack3]

I have the same issue and would love a way to handle this scenario.