You can create separate storage types for separate folders, directories and manage the access permission there.
With Django - create a file you can call "storage_aws.py" and add the following:
from storages.backends.s3boto3 import S3Boto3Storage
class PublicMediaStorage(S3Boto3Storage):
location = 'media/location2/public'
default_acl = 'public-read'
file_overwrite = False
querystring_auth=False
class PrivateMediaStorage(S3Boto3Storage):
location = 'media/location1/private'
default_acl = 'private'
file_overwrite = False
custom_domain = False
querystring_auth=True
use default_acl to define the access (public or private)
use location to define location - (you can specify paths) like
location1 = 'media/location1/private'
location2 = 'media/location2/public'
*Note the querystring_auth=False or True
Then when you define your model, you can specify which location to use for which model
from django.db import models
from appname.storage_aws import PublicMediaStorage, PrivateMediaStorage
class Upload(models.Model):
file = models.FileField(storage=PublicMediaStorage())
class UploadPrivate(models.Model):
file = models.FileField(storage=PrivateMediaStorage())
The private files will have query string while the public ones will not, as defined in the "storage_aws.py' file