Lyve Cloud Documentation

How to create a pre-signed URL

To share an object without granting someone access to your storage account? You can share individual objects with the security and time-sensitivity of a pre-signed URL. In Lyve Cloud, console admins can set permissions to allow S3 clients access to data objects. Objects are only accessible by providing access and secret keys to the S3 client. However, objects can be shared with anyone by providing a pre-signed URL allowing temporary access to the object. Pre-signed URLs are time-sensitive and allow any recipient with the URL to download an object. For example, if you store a video recording in a Lyve Cloud bucket, you can share the file by creating a pre-signed URL.

Pre-requisites

  • Download a command line tool such AWS CLI.

  • Provide S3 Client access to Lyve Cloud bucket(s). For instructions, see Connecting S3 clients.

Creating a pre-signed URL for download operations

To create a pre-signed URL to download an object:

Use the S3 client to request an object residing in your Lyve Cloud bucket. The following instructions generate a pre-signed URL to share an object for a designated period of time.

  1. Open your command line application (Command Prompt for PC, Terminal for Mac) and use the following command to configure your profile:

    configure --profile (profile name) 

    C:\Users\693611>aws configure --profile adr

  2. Enter your bucket’s access key, secret key, region name, and output format:

    • AWS Access Key ID [None]: Enter access key ID.

    • AWS Secret Access Key [None]: Enter secret access key

    • Default region name [None]: Enter default region name (us-east or us-west)

    • Default output format [None]: Enter default output format (optional)

    Example

    • AWS Access Key ID [None]: **************QGS

    • AWS Secret Access Key [None]: *****************************3CJ

    • Default region name [None]: us-east-1

    • Default output format [None]:

  3. Enter the following command to list your buckets:

    S3 ls --profile (enter profile name) –-endpoint URL 

    Example

    C:\Users\693611>aws s3 ls --profile adr --endpoint https://s3.us-east-1.lyvecloud.seagate.com   

    Result

    2021-06-08 15:12:58 ahtestbucket 

  4. Enter the following command to generate a presigned URL.

    Default expiration time can vary from client to client.

    S3 presign s3://bucketname/objectfile --profile (profile name) --endpoint URL  

    Example

    C:\Users\693611>aws s3 presign s3://ahtestbucket/certificate.pdf --profile adr  --endpoint https://s3.us-east-1.lyvecloud.seagate.com Example 

    Result

    https://s3.us-east-1.lyvecloud.seagate.com/ahtestbucket/certificate.pdf?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=YKANULVJJF5ASGQS%2F20211202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20211202T152353Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Signature=e97e4b48c15bfa2f3b724fc9c23b8a4cd8bc324d434d67a6fe31e44a241adaf3 

  5. Copy the generated URL and share your object.

    If you experience errors viewing the URL, check to ensure the bucket and object name in the command line follow the same lowercase and uppercase structure in your bucket. CLI is case sensitive.

    Conclusion

    With pre-signed URLs, you can provide temporary access to an object in Lyve Cloud. Pre-signed URL is an efficient and effective way to provide access to individual files without giving access to your storage account. Easily create and share a URL in minutes, using S3 clients with Lyve Cloud storage.

    In this section: