2 回答
- 最新
- 投票最多
- 评论最多
0
The presigned URL uses the permissions granted by the credentials that is was created with. So if those credentials expire in (say) two hours and your pre-signed URL is set to 7 days the pre-signed URL will not work after two hours because the credentials have expired.
In this case you will need to have a set of credentials that expire after your pre-signed URL does. One way to do this is to create an IAM user that only has the S3 permissions that you require; store those credentials in ParameterStore; ensure that only the Lambda function can access the credentials; and then use those credentials in your Lambda function to generate the pre-signed URL.
相关内容
- AWS 官方已更新 10 个月前
- AWS 官方已更新 1 年前
- AWS 官方已更新 2 年前