en:navody:object_storage:cesnet_s3_url_share
Action unknown: indexoauthloginauthoauthloginauth

Sharing S3 object using (presigned) URL

To generate the URL links for objects stored on the S3 storage you have to setup aws tool first.

All objects and buckets are by default private. The pre-signed URL is a reference to Ceph S3 object, which allows anyone who receives the URL to retrieve the S3 object with an HTTP GET request.

The following presigning command generates a pre-signed URL for a specified bucket and key that is valid for one hour:

aws s3 --profile myprofile presign s3://bucket/file

If you want to create a pre-signed URL with a custom lifetime that links to an object in an S3 bucket you have to use:

aws s3 --profile myprofile presign s3://bucket/file --expires-in 86400

This will create URL accessible for one day.
Parameter “–expires-in” is in seconds up to one week i.e. 604800 ​(7*24*60*60).

When pre-signed URL has been expired, you will see “Access Denied” message - like following:

This XML file does not appear to have any style information associated with it. The document tree is shown below. \\
<Error> \\
<link type="text/css" rel="stylesheet" id="dark-mode-general-link"/> \\
<link type="text/css" rel="stylesheet" id="dark-mode-custom-link"/> \\
<style lang="en" type="text/css" id="dark-mode-custom-style"/> \\
<Code>AccessDenied</Code> \\
<RequestId>tx0000000000000000f8f26-00sd242d-1a2234a7-storage-cl2</RequestId>\\
<HostId>1aasd67-storage-cl2-storage</HostId> \\
</Error> \\

Once you generate pre-signed URL, you can't change its lifetime, you have to generate a new pre-signed URL. It applies to both, expired and non-expired URLs.

Last modified:: 20.11.2024 19:09