2 Answers
- Newest
- Most votes
- Most comments
0
The presigned URL uses the permissions granted by the credentials that is was created with. So if those credentials expire in (say) two hours and your pre-signed URL is set to 7 days the pre-signed URL will not work after two hours because the credentials have expired.
In this case you will need to have a set of credentials that expire after your pre-signed URL does. One way to do this is to create an IAM user that only has the S3 permissions that you require; store those credentials in ParameterStore; ensure that only the Lambda function can access the credentials; and then use those credentials in your Lambda function to generate the pre-signed URL.
Relevant content
- asked a month ago
- Accepted Answerasked 4 months ago
- asked 4 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 6 months ago
- AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated 5 months ago