CODEWITHSUNDEEP
amazon-s3
Prasanna
Prasanna

Reputation: 11544

Is it possible to share files for selective users using Amazon S3

I have few files in my S3 bucket. Is it possible to share them with selected users. Those people might not have Amazon S3 account. I know if i make it public everyone could able to download the files using URL.

I want something like an encrypted URL or an URL that asks for some Username and password immediately when it is been hit.

And also i do not want to install any new/ third party softwares to be installed by everyone.

Thanks

Upvotes: 4

Views: 7759

Answers (3)

David
David

Reputation: 2647

If you have the AWS CLI installed you can simply use presign.

aws s3 presign s3://[bucket]/[path_filename]

You can also set the link to expire in 24hrs 86400 = (60 * 60 * 24))

aws s3 presign s3://[bucket]/[path_filename] --expires-in 86400

Upvotes: 1

herve
herve

Reputation: 3964

Here is a sample ruby code to generate signed urls for a particular location in your bucket.

Install aws-sdk:

gem install aws-sdk

Create a new file, name it as you want, I choose shareS3files.rb see it on gist.github.com:

#!/usr/bin/env ruby

require 'aws-sdk'
require 'json'

#loading credentials
creds = JSON.load(File.read('secrets.json'))
creds = Aws::Credentials.new(creds['AccessKeyId'], creds['SecretAccessKey'])

#loading config
conf = JSON.load(File.read('config.json'))

# Create a new S3 object
s3 = Aws::S3::Client.new(credentials: creds, region: conf['Region'])

# Create a resource object, simpler to use
resource = Aws::S3::Resource.new(client: s3)
bucket = resource.bucket(conf['Bucket'])

# enumerate every object in a bucket, and create a pre signed url with a 5 days expiration limit
bucket.objects(prefix: 'conf['Location']').each do |obj|
  puts "#{obj.key} => #{obj.object.presigned_url(:get, expires_in: 5 * 24 * 60 * 60)}"
end

Now, create both credential and configuration files:

secrets.json:

{
  "AccessKeyId": "TOCHANGE",
  "SecretAccessKey": "TOCHANGE"
}

config.json:

{
  "Region": "TOCHANGE",
  "Bucket": "tochange",
  "Location": "to/change/"
}

Further aws and ruby doc:

Upvotes: 1

Geoff Appleford
Geoff Appleford

Reputation: 18832

Absolutely.

You can make your files private and then generate time expiring signed urls to your files.

The signed urls are generated using your public key and secret key and are set to expire at a specified time in the future.

Depending on what technology you are using, its probably easiest to generate the urls using one of the AWS SDKS.

Signed urls look something like:

http://[bucket].s3.amazonaws.com/[key]?AWSAccessKeyId=[AWS_Public_Key]&Expires=1294766482&Signature=[generated_hash]

I explain a bit more about these urls in this answer.

Upvotes: 8

Related Questions