Learn how to create a pre-signed URL to give time-bound access to an individual Simple Storage Service (S3) object. Pre-signed URLs can be created programmatically from a number of Software Development Kits (SDKs). You can use a plug-in to Microsoft Visual Studio to easily generate a pre-signed URL.
- [Instructor] Pre-signed URLs are a unique way…to grant temporary access to S3 objects…to people who don't have an AWS account.…Since pre-signed URLs expire, using them is a great way…to enable time-limited access to objects in S3.…Let's explore how pre-signed URLs work.…Let's say a company stores marketing collateral in S3.…Kevin is a developer with an IIM user account.…As part of an upcoming marketing campaign,…he is tasked with making some time-sensitive…collateral images accessible to the world.…
Instead of using access-control lists…on the individual S3 objects,…he decides to generate a pre-signed URL.…Part of the marketing collateral…contains coupons that expire.…Because of this requirement,…Kevin chooses to use pre-signed URLs,…as they become invalid after a specified period of time.…Using his security credentials,…Kevin generates a pre-signed URL…set to expire after the marketing campaign is over.…Kevin can embed that pre-signed URL…in web sites or marketing emails.…
The marketing campaign goes out,…and people go to the website or open the marketing emails;…
Sharif Nijim couples pragmatic advice with practical examples that educate IT pros on how to create a secure infrastructure within Amazon Web Services. Sharif explores the shared responsibility model of security, which splits duties between your company and AWS, and introduces key identity and access management concepts, including users, groups, roles, and policies. Learn how to configure Identity and Access Manager (IAM) and Simple Storage Service (S3) access management, including policies and access control lists. At the end of the course, Sharif helps you prepare for the inevitable audit of your AWS account(s).
This course is also part of a series designed to help you prepare for the AWS Certified SysOps Administrator – Associate certification exam.
- Summarize the AWS Shared Responsibility Model.
- Recall how to implement separation of duties.
- Differentiate between assigning permissions to an individual versus a group.
- Summarize how to create IAM roles.
- Describe how to secure financial access.
- Recall the steps for managing access to S3 with IAM.
- Cite the advantages of a pre-signed URL.