Presigned URL
cegedim.cloud Object Storage Service support presigned URLs to grant access to objects without needing credentials.
Presigned URLs are used to provide short-term access to a private object in your S3 bucket. They work by appending an Access_Key
, expiration time, and Sigv4 signature as query parameters to the S3 object.
Also, presigned URLs allow you to grant someone right to upload a specific object in your Bucket.
There are two common use cases when you may want to use them:
Simple, occasional sharing of private files
Frequent, programmatic access to view an object in an application
Frequent, programmatic access to upload an object through an application
Generating a presigned URL (download)
We use aws s3 and aws s3api command line tools from AWSCLIv2 on Linux.
${S3_ENDPOINT}
& ${S3_PROFILE}
are environment variables.
In this example, the generated URL have an expiration of 10 minutes. After this time, the object will no longer be accessible.
--expires-in (integer) Number of seconds until the presigned URL expires. Default value is 3600 seconds.
The maximum expiration time is 7 Days.
Generating a Presigned URL (Upload)
aws s3 and aws s3api don't support upload presigned url generation.
You need to use AWS SDK to create Presigned Url for Upload.
Below, a simple example using [AWS SDK for Python (Boto3)](https://boto3.amazonaws.com/v1/documentation/api/latest/index.html)
Upload Presigned URL work only with path style addressing.
Replace aws_access_key_id
and aws_secret_access_key
by our own credentials.
`ExpiresIn` (integer): Number of seconds until the presigned URL expires. Default value is 3600 seconds. The maximum expiration time is 7 Days.
We can use tool like curl
to upload our filed to our bucket, using the URL generated previously:
Last updated