amazon s3 bucket file download through pre-signed timebound urls
TRANSCRIPT
Amazon S3
Pre-Signed
URLs
Allow application
users to download
files from your private
Amazon S3 buckets
without giving access
to buckets
http://www.aws-simplified.com/
AWS S3 Pre-signed URLs
The Pre-signed time-bound URLs allow you
to let your end users:
Download files from you Amazon S3 private
bucket
Within certain time-limit
Without need for additional credentials.
Highly Simplified Use Case
Step 1: A user requests to download a file
through your business application.
He has no knowledge of your Amazon S3
buckets
Just like all documents, this file is stored on
the Amazon S3 bucket.
Highly Simplified Use Case
Highly Simplified Use Case
Step 2: You Application Invokes Amazon
S3 APIs
Highly Simplified Use Case
Highly Simplified Use Case
Step 3: S3 Creates Pre-signed URL
Pre-signed URL is time-bound and expires
after pre-specified time period.
Highly Simplified Use Case
Highly Simplified Use Case
Step 4: URL is returned to User
Your business application presents URL to
user.
Highly Simplified Use Case
Highly Simplified Use Case
Step 5: User download the file
User clicks on the link. Now two things can happen
User may click the link within 10 seconds from the
time it was created: he will be able to download
the file. Because the link was created using
Amazon S3 APIs, S3 bucket very well knows that
this download request is pre-authenticated. It lets
user download the file.
User clicks the link after 10 seconds: User gets error
and no file is downloaded.
Highly Simplified Use Case
Complete Flow