Amazon Web Services Question posted in
The official Amazon Web Services documentation can be found here.

Amazon web services – How to share objects in a S3 folder and get links to them?

I upload files to a folder in an S3 bucket via the S3 JavaScript SDK. Now I want to share all objects in that folder (maybe there are more objects later) therefore I want to get a list of all objects, create pre-signed URLs of them and deliver this list to the client. Do I need to generate a link for each object? How can I create these links with the SDK? Can the link be valid for more than 12 hours?

Tags:

3

Answers


  1. 0

    Unfortunately, S3 does not natively support folders. Instead, it uses a flat structure where "folders" are simulated through prefixes in object keys (e.g., folder_name/). You cannot directly create a presigned URL for a "folder," but you can allow access to all files under a certain prefix (i.e., "folder") by using a bucket policy or using IAM roles with the necessary permissions.

    Here’s a workaround you can consider:

    1. Generating Presigned URLs for All Files in a "Folder":
      You can programmatically generate presigned URLs for each object under a specific prefix (folder-like structure).

    2. Alternative: Use an S3 Bucket Policy with Prefix Restrictions:
      If you want to share access to all objects under a "folder" (prefix) without generating multiple presigned URLs, you could configure an S3 bucket policy to grant access to all objects with a specific prefix for a certain user or group.

    Sample code in node.js
    https://appp.me/4yRaMH

    Login or Signup to reply.
  2. 0

    Here is your solution

    const { S3Client, GetObjectCommand } = require('@aws-sdk/client-s3');

async function getURL(bucketName, keyName) {
  const s3Client = new S3Client();

  try {
    const getObjectCommand = new GetObjectCommand({
      Bucket: bucketName,
      Key: keyName,
    });

    const url = await s3Client.getSignedUrl(getObjectCommand, { expiresIn: 3600 });
    console.log(`The URL for ${keyName} is ${url}`);
  } catch (err) {
    console.error(err.message);
  }
}

    In this example, we use the GetObjectCommand from the @aws-sdk/client-s3 package to generate a pre-signed URL for the specified object. The getSignedUrl method is used to generate the URL, which expires in 3600 seconds (1 hour).

    Login or Signup to reply.
  3. 0

    Rather than generating pre-signed URLs for all objects, it is recommended to create pre-signed URLs at the time that the URLs are requested. This way, a short time period can be specified on the pre-signed URL (eg 5 minutes), which enhances security.

    For example, imagine a file-sharing app. Users might upload files through the app and the files are stored in S3. When the user accesses the app to see a listing of their files, the back-end should generate a pre-signed URL for each link at the time that the list is requested, with each link only valid for a short time. When the user clicks a link, they will have access to that file.

    Each object will have its own URL, which includes its own signature and expiry time.

    From Sharing objects with presigned URLs – Amazon Simple Storage Service:

    When you use the AWS SDKs to generate a presigned URL, the maximum expiration time is 7 days from the time of creation.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search