S3 link with longer expiration

java amazon-web-services amazon-s3 aws-sdk
10,914

Solution 1

See this detailed answer for a description of the limitation on the days.

Generating read only credentials for the client would not work well because the client would have to use those credentials to either create their own pre-signed URL (no different than you doing it now -- it will still expire in a max of 7 days) or use an AWS SDK to directly download the file without a pre-signed URL.

Using SigV4 and having a constant link for longer than 7 days could be done with a middle layer (like a REST endpoint) whose URL does not change and serves up the file when requested.

Solution 2

Using S3 pre-signed urls unfortunately is not possible to go beyond the 7 days.

One possible solution is to use CloudFront signed urls, these don't have a "limit" on how long the urls can be valid. S3 bucket will still remain private.

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html

Java Example:

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CFPrivateDistJavaDevelopment.html

Share:
10,914
RockyMountainHigh
Author by

RockyMountainHigh

Updated on July 20, 2022

Comments

  • RockyMountainHigh
    RockyMountainHigh almost 2 years

    I am generating a pre-signed link using the java sdk for a client. We have new requirements to allow the links to remain active for at least 30 days. When I set the expiration longer I get the below error:

    Requests that are pre-signed by SigV4 algorithm are valid for at most 7 days

    I need to determine a way around this as the client cannot accept updates to the links (say, if I just auto-generated updates weekly). Is there a way around this? Can I pass a given set of read-only creds maybe?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

AWS S3 upload without access and secret key in Java
AWS S3: Uploading large file fails with ResetException: Failed to reset the request input stream
com.amazonaws.services.s3.model.AmazonS3Exception: Forbidden (Service: Amazon S3; Status Code: 403; Error Code: 403 Forbidden; Request ID: XXXXXXXX)
AmazonS3ClientBuilder.defaultClient() fails to account for region?
"The specified key does not exist" S3 error for really existing object in the bucket
AmazonS3Client(credentials) is deprecated
AWS Java SDK - Unable to find a region via the region provider chain
AWS Java SDK - AWS authentication requires a valid Date or x-amz-date header
Is it possible to write to s3 via a stream using s3 java sdk
InvalidLocationConstraint error while creating S3 bucket when the used command is