2回答
- 新しい順
- 投票が多い順
- コメントが多い順
0
The presigned URL uses the permissions granted by the credentials that is was created with. So if those credentials expire in (say) two hours and your pre-signed URL is set to 7 days the pre-signed URL will not work after two hours because the credentials have expired.
In this case you will need to have a set of credentials that expire after your pre-signed URL does. One way to do this is to create an IAM user that only has the S3 permissions that you require; store those credentials in ParameterStore; ensure that only the Lambda function can access the credentials; and then use those credentials in your Lambda function to generate the pre-signed URL.
関連するコンテンツ
- 質問済み 5年前
- AWS公式更新しました 2年前