Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Generate S3 pre-signed URL with v4 signature using python boto3

Tags:

python

amazon-s3

The following does not work:

From the boto 3 docs:

http://boto3.readthedocs.io/en/latest/guide/s3.html#generating-presigned-urls

This is my script with placeholder bucket and key values:

import boto3
import requests
from botocore.client import Config

# Get the service client.
s3 = boto3.client('s3', config=Config(signature_version='s3v4'))

# Generate the URL to get 'key-name' from 'bucket-name'
url = s3.generate_presigned_url(
    ClientMethod='get_object',
    Params={
        'Bucket': 'mybucketname',
        'Key': 'myObject.txt'
    }
)

print url
response = requests.get(url)
print response

S3 responds with a 403:

<Error>
<Code>AccessDenied</Code>
<Message>Access Denied</Message>
<RequestId>B5681E888657E2A1</RequestId>
<HostId>
FMS7oPPOXt4I0KXPPQwdBx2fyxze+ussMmy/BOWLVFusWMoU2zAErE08ez34O6VhSYRvIYFm7Bs=
</HostId>
</Error>
like image 621
RandomUser Avatar asked Sep 21 '17 02:09

RandomUser

People also ask

What are S3 pre-signed URLs?

Pre-signed URLs are used to provide short-term access to a private object in your S3 bucket. They work by appending an AWS Access Key, expiration time, and Sigv4 signature as query parameters to the S3 object. There are two common use cases when you may want to use them: Simple, occasional sharing of private files.

How do I use a pre-signed URL?

When you create a presigned URL, you must provide your security credentials and then specify a bucket name, an object key, an HTTP method (PUT for uploading objects), and an expiration date and time. The presigned URLs are valid only for the specified duration.

How do I create a signed URL?

To create a valid pre-signed URL for your object, you must provide your security credentials, specify a bucket name, an object key, specify the HTTP method (for instance the method is "GET" to download the object) and expiration date and time. Anyone who receives the pre-signed URL can then access the object.

1 Answers

You need to provide aws credentials with your boto3 client. Docs here

If you need help getting access to your credentials on aws you can look here.

import boto3
client = boto3.client(
    's3',
    aws_access_key_id=ACCESS_KEY,
    aws_secret_access_key=SECRET_KEY,
    aws_session_token=SESSION_TOKEN,
)

# Or via the Session
session = boto3.Session(
    aws_access_key_id=ACCESS_KEY,
    aws_secret_access_key=SECRET_KEY,
    aws_session_token=SESSION_TOKEN,
)
like image 180
Kyle Avatar answered Nov 05 '22 20:11

Kyle
Sign in to Comment

Related questions

How can I import a data frame from R saved as RData to pandas?
Convert datetime into number of hours?
inner join/merge in pandas dataframe give more rows than left dataframe
Ubuntu install apache spark via apt-get
Python Bloomberg API pdblp intraday request
Airflow: Can't connect to ('0.0.0.0', 8080)
What is going on behind this numpy selection behavior?
OpenCV Error: Unknown error code -49 in Python
How to add sparse vectors after group by, using Spark SQL?
How do I get the application context in a Blueprint, but not in a request?
Efficiently using Numpy to assign function values to array
How to update Celery Task ETA?
python importError name lru_cache
Python pandas time series interpolation datetime data
Can I create single file executable with nuitka?
Easily producing Python AST for multiple expressions in one line
Django model fields from constants?
Python 3 reading CSV file with line breaks in rows
Indexing with lists and arrays in numpy appears inconsistent
Slicing a DataGrameGroupBy object

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!