- 最新
- 最多得票
- 最多評論
This can be accomplished using Lambda up to a maximum of 7 days. 10 days is beyond the maximum valid expiration period for any pre-signed url scenario using Sig V4. To have a pre-signed URL be valid for the entire 7 days you need to use valid credentials for an IAM User to generate the URL. To do this in Lamdba you'd need to give the Lambda access to long-lived IAM User credentials and and use them to generate the pre-signed URL w/ Sig v4.
You could do this with encrypted ENV Variables or Secrets Manager for example. Then configure your lambda to use these credentials, and not a the Lambda's execution role credentials when generating the pre-signed urls.
This is related to a topic located here: https://repost.aws/questions/QUN4e24VL5QM6ygP99mEydUA/generate-presigned-url-for-s-3-object-lambda.
To see an updated guide for how to build presigned URLs and set the expiration date, this guide is pretty helpful: https://howtocloud.io/generate-s3-presigned-urls-with-boto3/.
相關內容
- 已提問 20 天前
- AWS 官方已更新 3 年前
- AWS 官方已更新 2 年前