Presigned URLs
Learn how to grant temporary access to your S3 objects using a presigned URL.
Presigned URLs are used to grant temporary access to the bucket. It is a time-bound URL that can be used to share and upload objects in a bucket.
How to create a presigned URL
The presigned URL can be created by anyone with valid security credentials. However, the entity with those credentials should have permission to perform the functions the presigned URL is being used for. This entity can be an IAM profile, a user, or a security token service. To create a presigned URL we require:
Name of the S3 bucket
The object key (If we are downloading the object using the presigned URL, then this object should be in the bucket. Otherwise, this should be the name of the object being uploaded.
The HTTP method (GET for downloading and PUT for uploading)
The time interval after which the presigned URL expires
Expiration time
Presigned URLs grant temporary credentials and expire after the specified time. The AWS Management Console allows an expiration time of between 1 minute and 12 hours. However, while using the AWS CLI or AWS SDK, we can specify an expiration time of up to seven days.
Get hands-on with 1400+ tech skills courses.