Bucket Level Amazon S3 Secure URL
I want to be able to serve URLs to a client that are "subscribed" and therefore only relevant for 24 hours (for example). However, I don't want to call S3 for every URL generated:
AWS::S3::S3Object.new(bucket, name).url_for(:read, :secure => true, :expires => expires_in).to_s
Instead, I want to create the URL myself (I have a filename and a link to the bucket, I can create it myself).
However, I want to sign the url at the bucket level (say once a day for all files in a given bucket). is it possible?
source to share
When you create a pre-signed URL, it is done entirely locally. You can do it "yourself", but it is much easier to use the SDK and there will be no practical difference. See that there is no "sign" action on the S3 API .
However, you cannot subscribe at the "bucket" level, since the signature is verified for every object. I believe that signing a whole bucket would be impossible.
source to share
Sorry I have no ruby ββcode for this Java only ...
But you won't be able to get the assigned url for the whole bucket, just for each file.
Here is the function I created. This will print everything for you. Does it make sense?
private static URI GetURL(AmazonS3Client amazonS3Client, S3ObjectSummary s3ObjectSummary) throws URISyntaxException {
return amazonS3Client.generatePresignedUrl(
new GeneratePresignedUrlRequest(s3ObjectSummary.getBucketName(), s3ObjectSummary.getKey())
.withMethod(HttpMethod.GET)
.withExpiration(GetExperation())).toURI();
}
public static void run(String accessKey, String secretKey, String bucketName) {
AmazonS3Client amazonS3Client = new AmazonS3Client(new BasicAWSCredentials(accessKey, secretKey));
amazonS3Client.listObjects(bucketName)
.getObjectSummaries()
.stream()
.forEach(s3ObjectSummary
-> System.out.println(GetURL(amazonS3Client, s3ObjectSummary).toString()));
}
source to share