Presigned URL
cegedim.cloud Object Storage Service support presigned URLs to grant access to objects without needing credentials.
Presigned URLs are used to provide short-term access to a private object in your S3 bucket. They work by appending an Access_Key
, expiration time, and Sigv4 signature as query parameters to the S3 object.
Also, presigned URLs allow you to grant someone right to upload a specific object in your Bucket.
There are two common use cases when you may want to use them:
Simple, occasional sharing of private files
Frequent, programmatic access to view an object in an application
Frequent, programmatic access to upload an object through an application
Generating a Presigned URL (download)
aws s3 --endpoint-url=${S3_ENDPOINT} presign s3://bucket-test/feather.ttf --expires-in 600 --profile ${S3_PROFILE}
https://storage-eb4.cegedim.cloud/bucket-test/feather.ttf?AWSAccessKeyId=fzs37xbv5615hygx2wkm&Signature=S4jFPas53s8cnwdDieMHrhc0ddE%3D&Expires=1666821099
In this example, the generated URL have an expiration of 10 minutes. After this time, the object will no longer be accessible.
Generating a Presigned URL (upload)
If an object with the same key already exists in the bucket as specified in the presigned URL, the existing object will be overridden.
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
import boto3
from botocore.client import Config
s3 = boto3.client('s3')
s3 = boto3.client(
's3',
aws_access_key_id='xxxxx',
aws_secret_access_key='xxxxx',
config=Config(s3={'addressing_style': 'path'}),
endpoint_url='https://storage-eb4.cegedim.cloud'
)
bucket = "bucket-test"
key = "feather.ttf"
print(s3.generate_presigned_url('put_object', Params={'Bucket':bucket,'Key':key}, ExpiresIn=300, HttpMethod='PUT'))
# Output
# Run Python script
./create_presign_url_upload.py
#Ouput
https://storage-eb4.cegedim.cloud/bucket-test/feather.ttf?AWSAccessKeyId=fzs37xbv5615hygx2wkm&Signature=NI%2BvoHYhWEFPDR04ioeFfBz5fks%3D&Expires=1712056959
You can use tool like curl
to upload your object to your bucket, using the URL generated previously:
curl --request PUT --upload-file feather.ttf 'https://storage-eb4.cegedim.cloud/bucket-test/feather.ttf?AWSAccessKeyId=fzs37xbv5615hygx2wkm&Signature=NI%2BvoHYhWEFPDR04ioeFfBz5fks%3D&Expires=1712056959'
Last updated