How to create a pre-signed URL
To share an object without granting someone access to your storage account? You can share individual objects with the security and time-sensitivity of a pre-signed URL. In Lyve Cloud, console admins can set permissions to allow S3 clients access to data objects. Objects are only accessible by providing access and secret keys to the S3 client. However, objects can be shared with anyone by providing a pre-signed URL allowing temporary access to the object. Pre-signed URLs are time-sensitive and allow any recipient with the URL to download an object. For example, if you store a video recording in a Lyve Cloud bucket, you can share the file by creating a pre-signed URL.
Pre-requisites
Download a command line tool such AWS CLI.
Provide S3 Client access to Lyve Cloud bucket(s). For instructions, see Connecting S3 clients.
Creating a pre-signed URL for download operations
To create a pre-signed URL to download an object:
Use the S3 client to request an object residing in your Lyve Cloud bucket. The following instructions generate a pre-signed URL to share an object for a designated period of time.
Open your command line application (Command Prompt for PC, Terminal for Mac) and use the following command to configure your profile:
configure --profile (profile name)
C:\Users\693611>aws configure --profile adr
Enter your bucket’s access key, secret key, region name, and output format:
AWS Access Key ID [None]: Enter access key ID.
AWS Secret Access Key [None]: Enter secret access key
Default region name [None]: Enter default region name (us-east or us-west)
Default output format [None]: Enter default output format (optional)
Example
AWS Access Key ID [None]: **************QGS
AWS Secret Access Key [None]: *****************************3CJ
Default region name [None]: us-east-1
Default output format [None]:
Enter the following command to list your buckets:
S3 ls --profile (enter profile name) –-endpoint URL
Example
C:\Users\693611>aws s3 ls --profile adr --endpoint https://s3.us-east-1.lyvecloud.seagate.com
Result
2021-06-08 15:12:58 ahtestbucket
Enter the following command to generate a presigned URL.
Default expiration time can vary from client to client.
S3 presign s3://bucketname/objectfile --profile (profile name) --endpoint URL
Example
C:\Users\693611>aws s3 presign s3://ahtestbucket/certificate.pdf --profile adr --endpoint https://s3.us-east-1.lyvecloud.seagate.com Example
Result
https://s3.us-east-1.lyvecloud.seagate.com/ahtestbucket/certificate.pdf?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=YKANULVJJF5ASGQS%2F20211202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20211202T152353Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Signature=e97e4b48c15bfa2f3b724fc9c23b8a4cd8bc324d434d67a6fe31e44a241adaf3
Copy the generated URL and share your object.
If you experience errors viewing the URL, check to ensure the bucket and object name in the command line follow the same lowercase and uppercase structure in your bucket. CLI is case sensitive.
Conclusion
With pre-signed URLs, you can provide temporary access to an object in Lyve Cloud. Pre-signed URL is an efficient and effective way to provide access to individual files without giving access to your storage account. Easily create and share a URL in minutes, using S3 clients with Lyve Cloud storage.