Qiita Teams that are logged in
You are not logged in to any team

Log in to Qiita Team
Community
OrganizationEventAdvent CalendarQiitadon (β)
Service
Qiita JobsQiita ZineQiita Blog
16
Help us understand the problem. What are the problem?

More than 5 years have passed since last update.

@kikuchy

S3の事前署名付き(期限付き)URLに設定できる期限には上限がある

完全に備忘録です。
S3には全く詳しくないので、期限を伸ばす方法とかあれば是非教えてくださいorz

期限付きでファイルをダウンロードできるURLを生成したく、S3の期限付き署名済み (Pre-signed) URLを使うことに。
ところが、どうやら1ヶ月とかの期間は設定できない様子…?

Amazon様はこう言っている

Authenticating Requests by Using Query Parameters (AWS Signature Version 4)X-Amz-Expires の説明欄によると、

Provides the time period, in seconds, for which the generated presigned URL is valid. For example, 86400 (24 hours). This value is an integer. The minimum value you can set is 1, and the maximum is 604800 (seven days).

A presigned URL can be valid for a maximum of seven days because the signing key you use in signature calculation is valid for up to seven days.

(意訳)
生成されたURLの有効期間を秒で設定します。例えば86400は24時間になります。値は整数値です。設定できる最小値は1、最大値は604800(7日間)です。

署名計算に使用する署名鍵は7日間有効なので、事前署名付きURLの最大有効期限は7日間になります。

ということで、どうやら最大でも7日間しか有効にはならない感じ。

生成コード

#!/usr/bin/env coffee

AWS = require "aws-sdk"

AWS.config.update
    accessKeyId: process.env.AWS_ACCESS_KEY_ID
    secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY
    region: "ap-northeast-1"
s3 = new AWS.S3()
url = s3.getSignedUrl "getObject",
    Bucket: "my-bucket"
    Key: "my_file_with_expires.pdf"
    Expires: 60*60*24*7

console.log url

1ヶ月有効なURL作りたかったなぁ。

参考

Why not register and get more from Qiita?
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away
16
Help us understand the problem. What are the problem?