All objects and buckets are by default private. The pre-signed URL is a reference to Ceph S3 object, which allows anyone who receives the URL to retrieve the S3 object with an HTTP GET request.
The following presigning command generates a pre-signed URL for a specified bucket and key that is valid for one hour:
aws s3 --profile myprofile presign s3://bucket/file
If you want to create a pre-signed URL with a custom lifetime that links to an object in an S3 bucket you have to use:
aws s3 --profile myprofile presign s3://bucket/file --expires-in 2419200
This will create URL accessible for a month. Parametr “–expires-in” is in seconds.
When pre-signed URL has been expired, you will see something like following:
This XML file does not appear to have any style information associated with it. The document tree is shown below. \\ <Error> \\ <link type="text/css" rel="stylesheet" id="dark-mode-general-link"/> \\ <link type="text/css" rel="stylesheet" id="dark-mode-custom-link"/> \\ <style lang="en" type="text/css" id="dark-mode-custom-style"/> \\ <Code>AccessDenied</Code> \\ <RequestId>tx0000000000000000f8f26-00sd242d-1a2234a7-storage-cl2</RequestId>\\ <HostId>1aasd67-storage-cl2-storage</HostId> \\ </Error> \\
Once you generate pre-signed URL, you can't change its lifetime, you have to generate a new pre-signed URL. It applies to both, expired and non-expired URLs.