mtesch
Hi,
To clarify what the aws s3 presign ... command can do for you, was not that clear in the lecture. So I researched a bit to get the following information:
The aws s3 presign ... CLI command can create a URL for the s3:GetObject action, so only GetObject is possible with the CLI. See the SourceCode snippet appended:
class PresignCommand(S3Command):
NAME = 'presign'
DESCRIPTION = (
"Generate a pre-signed URL for an Amazon S3 object. This allows "
"anyone who receives the pre-signed URL to retrieve the S3 object "
"with an HTTP GET request. For sigv4 requests the region needs to be "
"configured explicitly."
)
USAGE = ""
ARG_TABLE = [{'name': 'path',
'positional_arg': True, 'synopsis': USAGE},
{'name': 'expires-in', 'default': 3600,
'cli_type_name': 'integer',
'help_text': (
'Number of seconds until the pre-signed '
'URL expires. Default is 3600 seconds.')}]
def _run_main(self, parsed_args, parsed_globals):
super(PresignCommand, self)._run_main(parsed_args, parsed_globals)
path = parsed_args.path
if path.startswith('s3://'):
path = path[5:]
bucket, key = find_bucket_key(path)
url = self.client.generate_presigned_url(
'get_object',
{'Bucket': bucket, 'Key': key},
ExpiresIn=parsed_args.expires_in
)
uni_print(url)
uni_print('n')
return 0Also you can specify a –expires-in option, keep in mind that the presigned URL is created using the provided credentials, if they are from an AWS EC2 Instance Profile as in the lecture you can only get a duration capped at the expiration time of the token. For reference look at the following Dokumentation: https://aws.amazon.com/premiumsupport/knowledge-center/presigned-url-s3-bucket-expiration/