- Newest
- Most votes
- Most comments
This can be accomplished using Lambda up to a maximum of 7 days. 10 days is beyond the maximum valid expiration period for any pre-signed url scenario using Sig V4. To have a pre-signed URL be valid for the entire 7 days you need to use valid credentials for an IAM User to generate the URL. To do this in Lamdba you'd need to give the Lambda access to long-lived IAM User credentials and and use them to generate the pre-signed URL w/ Sig v4.
You could do this with encrypted ENV Variables or Secrets Manager for example. Then configure your lambda to use these credentials, and not a the Lambda's execution role credentials when generating the pre-signed urls.
This is related to a topic located here: https://repost.aws/questions/QUN4e24VL5QM6ygP99mEydUA/generate-presigned-url-for-s-3-object-lambda.
To see an updated guide for how to build presigned URLs and set the expiration date, this guide is pretty helpful: https://howtocloud.io/generate-s3-presigned-urls-with-boto3/.
Relevant content
- Accepted Answerasked 3 months ago
- asked 2 years ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 11 days ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 4 months ago