By default, files/objects in Amazon/AWS’s Simple Storage Service (S3) are blocked from all public access, which means that users without AWS permissions will get an “AccessDenied” error when trying to access them. But sometimes, you DO need to share files with external users, and presigned URLs are the way to do that.

In this hands-on tutorial, I’ll walk through how to create an S3 bucket (with all public access blocked) and then upload a file to it. We’ll then see how to generate a presigned URL for the file using the Console (in the browser). And then we’ll see how to programmatically create the presigned URL using the Python SDK (in a Cloud9 IDE environment).

Links to videos and documentation referenced:
• Learn the basics of S3: https://youtu.be/mDRoyPFJvlU
• AWS documentation for presigned URLs: https://docs.aws.amazon.com/AmazonS3/latest/userguide/ShareObjectPreSignedURL.html
• boto3 documentation for using credentials with the boto client: https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html

00:00 – Overviewing the need to share S3 files/objects with external users
00:32 – Creating an S3 bucket with no public access
01:31 – Access denied on S3 files
02:10 – Introducing presigned URLs for sharing S3 files
03:20 – Programmatically creating presigned URLs for S3 files using the SDK
04:31 – Implementing Python code to create presigned URLs for S3 files
07:05 – Options for using credentials with the boto3 S3 client
07:38 – Deleting the S3 bucket and Cloud9 environment

Similar Posts