2 個答案
- 最新
- 最多得票
- 最多評論
0
The presigned URL uses the permissions granted by the credentials that is was created with. So if those credentials expire in (say) two hours and your pre-signed URL is set to 7 days the pre-signed URL will not work after two hours because the credentials have expired.
In this case you will need to have a set of credentials that expire after your pre-signed URL does. One way to do this is to create an IAM user that only has the S3 permissions that you require; store those credentials in ParameterStore; ensure that only the Lambda function can access the credentials; and then use those credentials in your Lambda function to generate the pre-signed URL.
相關內容
- 已提問 6 個月前
- AWS 官方已更新 2 年前