How to configure temporary access to private objects in S3 bucket

If the S3 bucket is private, the objects will not be accessible for public. If anybody wants to acccess the object, we need to create an IAM user with required privileges.

But there is a way to grant temporary access to S3 object through a "pre-signed" url.

This article explains the command to enable "pre-signed" url for S3 objects using aws cli.

#aws s3 presign s3://BUCKET/OBJECT

Here we need replace BUCKET and OBJECT with the corresponding values. This command will print the pre-signed url for the mentioned S3 object.

Please note that the pre-signed url is valid for 1 hour by default.

The command have the option to specify custom expiry time.

#aws s3 presign s3://BUCKET/OBJECT --expires-in SECS

Here we need to replace SECS with the expiry time in seconds.

That's all…

Leave a Reply

Your email address will not be published. Required fields are marked *