In this video, you will learn how to create a pre-signed URL to give time-bound access to an individual Simple Storage Service (S3) object. You will learn that pre-signed URLs can be created programmatically from a number of Software Development Kits (SDKs). You will learn how to use a plug-in to Microsoft Visual Studio to easily generate a pre-signed URL.
- [Voiceover] Pre-signed URLs are a unique way…to grant temporary access to S3 objects,…to people who don't have a AWS account.…Since pre-signed URLs expire,…using them is a great way to enable…time limited access to objects in S3.…Let's explore how pre-signed URLs work.…Let's say a company stores marketing collateral in S3.…Kevin is a developer with an IAM user account.…As part of an upcoming marketing campaign,…he is tasked with making some time sensitive…collateral images,…accessible to the world.…
Instead of using access control lists…on the individual S3 objects,…he decides to generate a pre-signed URL.…Part of the marketing collateral contains coupons…that expire.…Because of this requirement,…Kevin chooses to use pre-signed URLs,…as they become invalid after a specified period of time.…Using his security credentials,…Kevin generates a pre-signed URL,…set to expire after the marketing campaign is over.…Kevin can embed that pre-sign URL in websites,…or marketing emails.…
The marketing campaign goes out,…and people go to the website,…
Sharif Nijim couples pragmatic advice with practical examples that educate organizations on how to create a secure infrastructure within Amazon Web Services. Sharif explores the shared responsibility model of security, which splits duties between your company and AWS, and introduces key identity and access management concepts: users, groups, roles, and policies. At the end of the course, he helps you prepare for the inevitable audit of your AWS account(s).
- The AWS shared responsibility model and security landscape
- Enabling CloudTrail
- Configuring AWS Identity and Access Management (IAM)
- Troubleshooting IAM policies
- Granting temporary access
- Incorporating least privilege
- Controlling access to Simple Storage Service (S3)
- Preparing for security audits
- Getting audit help from Trusted Advisor