my S3 bucket has no public access.
When i upload my file, it will appear in my s3 bucket.
For example:
1-URL:
"https://bucketName.s3.eu-central-1.amazonaws.com/pathToFile/filename.pdf"
When i open this path, i receive this message:
<Error>
<Code>AccessDenied</Code>
<Message>Access Denied</Message>
<RequestId>7G2D8VJSV3M10H92</RequestId>
<HostId>Cc5BwooOhvz6 A9DEByMRFUbBokFqvMWbsBl/QoCiPd/h2xBOr TPQxigKHIeBpkos7RBGYtUxE=</HostId>
</Error>
That's perfect!
When i'm in the backend.. there is a button "open".. when i click this button i will see my file content:
2-URL:
https://bucketName.s3.eu-central-1.amazonaws.com/pathToFile/filename.pdf?response-content-disposition=inline&X-Amz-Security-Token=TZolawje222luX2VjEJX//////////wEaDGV1LWNlbnRyYWwtMSJHMEUCIQCRQdTm3o0LnPzjljwuJceTpdU+zpZ1wUwNf1qa6MssJAIgebxp9b7gUWiF8rcyd22eOZ0o7+fj36vKJz3AEbr0K9cq/wII3v//////////ARACGgw1NzEwMzk5MDgyNzAiDGSpmg0OULYO7wPPlyrTAlQnBekkDsdWKro14yeqCqsCaLejIY1xKljHX96Jv7Ks+J5vQQ2DNg3z7oLrGIKROTln5lms3wo7AKN6pAvt0+E6t26dZ2hVqJQxYQJHxniwOSD47cpQZ74chNCH6uC6Q8u0r/NlgeOngfH+PWyQRCEtFUBFpqH+AfKw6KTooRdvJOBa1QLHcNrvqel5NugIYHoFVqiUUbJhcVEzHylIpTwwekySDHFV39nIOCbhu8yvU+CopoHLHgdeQD/Jd50nVHUzsIMFuRMrDAXGuenS5eoUk7Ci/TR4/jHJ1cMDtY5/Nf7axxqk7mojvJDavkvMNJdruR5uTLEYtKLo03Kb+6xp2EAhh1pzZz8hXtTrhpzzyaG5PInqs/H8fMeZcKChdVn8aBxqYQ0A3V9hE0LjlGsSoeHYqCgRqP2QG1GuYyPwXWmgm//7mSfLJIESt8CBq1zCkj++JBjqzAhLcYlBMrXIpyYBVIa1sP9QMvMtFp2JYjbvRBQV4SchBpS1j5GJQK3+poBX9PeaPL8xvTvRrfoNuB3EZaUI9EgeDYYfHSDYU4F0Mqp+6g/5KopgrvAHqcx6sF/0QyYzkhsp7WpKyTdLzZBma7lydR6svgUBgS6E+kA307PzaE6jcuW9lD2Vof5VMy6ciIpBtziXGmSQJ1U6Pukrr+ojDJ8NgdciL6TEiSRVwrZniIsj6aYPRFzv1Ro/CjDZQfDJ+hYrEKOcy28KW1ANiCOyloMBmBvMf6D53qTy+Y7EZIGtIcP8nWl1Am5ESMKQq6QCErO2k731BqmdMdyqFAnNYrieji2JgK8+97STgNpYSEselvgpa47qhDvYlrqGBxyjdt0kLq/MvfQENd548P8Wf8sp61Ik=&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20210911T012328Z&X-Amz-SignedHeaders=host&X-Amz-Expires=300&X-Amz-Credential=EUROYJ5FKLWXJKTHAJPT/20210910/eu-central-1/s3/aws4_request&X-Amz-Signature=901db2f3543e69f05698ff4c45d188695376ea239cd9a262956bb701f10e06e0
I want to know how do i generate this 2-URL by myself?
In this url i see the "X-Amz-Security-Token" but i'm not sure where i get this information?
CodePudding user response:
The magic URL that lets you access a private Amazon S3 object is called an Amazon S3 pre-signed URL, which is a time-limited URL that provides temporary access to a private object.
You can generate a pre-signed URL with just a few lines of code. You can specify the time period for which the URL is valid. When generating the pre-signed URL, you will need to use a set of credentials that have permission to access the object. The 'signature' on the pre-signed URL comes from those credentials.
The capability is available in programming languages via the AWS SDK. For example, in Python you would use Presigned URLs — Boto3 Docs documentation. It is also available via the AWS CLI: presign — AWS CLI Command Reference