What are the “presigned URL” in S3? For me, when I first read about it, It sound me a little strange feature, but, when you are reading about AWS, this is a concept that appear from time on time, and you, definitely need to understand it, if want to get ready in your exam preparation. So, let’s go for it!
First of all, according the official doc, the only way to build a presigned URL is with one of the AWS SDK. And, in our case, we are going to use de AWS SDK for Java
After said that, let’s start the post:
Step 01: Starting from the last Step!
Let’s start from the end, the last step, to have one idea about we are going to:
I already have a Java 8 Maven project, with the Maven pom.xml with the dependences to AWS SDK for Java and the sample code from AWS to generate the presigned URL, so, after run it … I get the code 200 with everything Ok:
We can see that, when we are executing the Java Program “GeneratingPresignedUrlAndUploadObject”, the “Presigned URL” is created and it is printed in the log, and one object is uploaded to an S3 and the API return a 200 (ok) Status Code
The 200 status code means that the “miobject” was successful created in the S3 bucket:
Let’s see that the bucket didn’t have public access permissions, but the Java code was able to put a new object from and build the “Presigned URL” for it:
According to the [official doc with the presigned URL that we have just generated, we can give it to anyone, and although the bucket is still private, the receptor of the presigned URL will be able to access to this buckets objects as soon as the presigned URL creator have this permission ….
In short, If I want to give some permission on a bucket to someone, I can build with one AWS SDK a presigned URL, and give that URL to someone, to let access to bucket resourses, that remain private for everyone but still accesible for me as owner and the person that I gave the presigned URL
Step 02: recap: Where is te code?
This is the sample code:
You can get it from the Java Maven Project working on my public repo:
Or, in either case, you can get it from, the original AWS Documentation
https://docs.aws.amazon.com/AmazonS3/latest/dev/PresignedUrlUploadObjectJavaSDK.html
Step 03: Let’s build and run
When you have have the source code available is just the half of the road: you need to build and run it, dealing with some things like dependences and environment variables, so, the “plus” in this post, is also show you how is possible to build, and run the source code.
$ git clone https://github.com/PabloEzequiel/shared-images.git
$ cd shared-images/lambda/java-aws-sample
$ mvn clean install
Let’s exec the app with:
$ mvn exec:java -Dexec.mainClass="aws.s3sample.GeneratePresignedUrlAndUploadObject"
There is an error, but that is correct: we need to create the bucket in S3, and upload on IT one S3 object, so, let’s do it now, in the next step:
Step 04: Let’s Upload (PUT) the Object in S3
In the source code we have the name that we should give to the bucket and the name of the object to upload on it:
First, let’s run $ aws configure to be sure that we are in the right account, and later we can validate it with: $ aws get-sts-identity
Let’s create the bucket with default (private) access:
And now, with the bucket created, let’s exec the app again:
`
$ mvn exec:java -Dexec.mainClass="aws.s3sample.GeneratePresignedUrlAndUploadObject"
We get the presigned URL, and the Object Created
Let’s Observe the Java Code:
`Step 05: Let’s Recover (GET) the Object from S3
Now, the last step is to use the presigned URL, and for simplicity, we will use the presinged URL that we have createdto be accessed with the GET method:
So, thanks to presigned URL, is posible to recover the Object from a private bucket, and to use it, the user don’t need to interact wit the AWS console, just with the presigned URL that we have generated for him.
**
Final words**
Ok, I will stop the post at this point. We have been able to show from a practical point of view, what is the idea of presigned URL, to give access to someone to our private resources for a short period of time, and how to generate and use it.
That is an interesting concept to understand because it is presente and frequently referenced in AWS certification material as use cases.
I hope you enjoyed it, and let’s see us in the another post!
Pablo
**
Resources**
The Source [Code of This Post can be found on my personal GitHub](https://github.com/PabloEzequiel/shared-images/tree/master/lambda/java-aws-sample)
This post have something about Java, and [this is a good post about How to start with Java and Maven](https://mkyong.com/maven/how-to-create-a-java-project-with-maven/)
The [Official Doc about presigned URL](https://mkyong.com/maven/how-to-create-a-java-project-with-maven/) deal with this concept in detail, but later is up to you make it work, so, that is the idea of one post like this, to show you how the thinks are working.
By the way, the original Post about it, was on my Medium space
I hope you enjoy it!
Top comments (0)