s3 urls are handy especially if backend is built on lambdas and it is not that easy to handle media files via lambda / api getaway. We use s3 urls for letting clients upload documents and for downloading some "customer statements". Those "customer statements" are first stored on s3 and then download url is returned to the browser with redirect header so browser automatically triggers download (or preview for pdf).
That's indeed a perfect use case for S3 pre-signed URLs. Thanks for sharing Iurii! Is there any particular gotcha that you found out the hard way or something you wish would be easier with pre-signed URLs?
@@AWSBites I think "gotcha" with cors setup on s3 might be slightly tricky for new comers. Also we had this gotcha with permissions. Our API user had access to this particular bucket within ip range of corporate network. It meant that presigned url failed for clients. It took us some time to figure out why it fails for clients.
How can generate pre-sign URLs for multiple objects for example all user profile images in my system. I don't want pre-signed URL to be generated for each image again and again when users navigate through the system
If you have a use case where these images need to be public you could use a CloudFront distribution rather than relying on pre-signed URLs. Pre-signed URLs are more when you want to control who can read or write a specific resource (maybe they need to be explicitly authorised or they had to perform a specific action like completing a payment before being able to have access to the file). Let us know if this helps :)
s3 urls are handy especially if backend is built on lambdas and it is not that easy to handle media files via lambda / api getaway. We use s3 urls for letting clients upload documents and for downloading some "customer statements". Those "customer statements" are first stored on s3 and then download url is returned to the browser with redirect header so browser automatically triggers download (or preview for pdf).
That's indeed a perfect use case for S3 pre-signed URLs. Thanks for sharing Iurii!
Is there any particular gotcha that you found out the hard way or something you wish would be easier with pre-signed URLs?
@@AWSBites I think "gotcha" with cors setup on s3 might be slightly tricky for new comers. Also we had this gotcha with permissions. Our API user had access to this particular bucket within ip range of corporate network. It meant that presigned url failed for clients. It took us some time to figure out why it fails for clients.
How can generate pre-sign URLs for multiple objects for example all user profile images in my system. I don't want pre-signed URL to be generated for each image again and again when users navigate through the system
If you have a use case where these images need to be public you could use a CloudFront distribution rather than relying on pre-signed URLs. Pre-signed URLs are more when you want to control who can read or write a specific resource (maybe they need to be explicitly authorised or they had to perform a specific action like completing a payment before being able to have access to the file).
Let us know if this helps :)
Typical claim check pattern..