Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

S3: ExpiredToken error for S3 pre-signed url within expiry period

Tags:

python

amazon-s3

boto3

This is how I am generating pre-signed url for an S3 object from my python script.

s3client = boto3.client("s3")
url = s3client.generate_presigned_url("get_object", Params={"Bucket": args.bucket, "Key": dated_filename}, ExpiresIn=86400)

where I am giving an expiry of 24 hours.

When I try to download the file immediately using the url from a browser, it works. But it doesn't work if I try to download it, say after 10-12 hours (I don't know the exact time after which it starts failing).

This is the error I am getting.

<Code>ExpiredToken</Code>
<Message>The provided token has expired.</Message>

Not sure if it is a bug or I am not doing it the right way. Any help would be appreciated.

like image 442
pratpor Avatar asked Mar 22 '17 12:03

pratpor

People also ask

Why is my Presigned URL for an Amazon S3 bucket expiring before the expiration time that I specified?

If you created a presigned URL using a temporary token, then the URL expires when the token expires. The URL expires even if the URL was created with a later expiration time.

How long is S3 Presigned URL valid for?

Using the S3 console In the Amazon S3 console, the maximum expiration time for a presigned URL is 12 hours from the time of creation.

What happens when an S3 object expires?

During this time, based on their expiration dates, any object found to be expired will be queued for removal. You will not be billed for any associated storage for those objects on or after their expiration date. If server access logging has been enabled for that S3 bucket, an S3. EXPIRE.

1 Answers

Are you running under an IAM role? A presigned URL is only valid as long as the session key that was used when generating it. If you are authenticating as an IAM user with long-lived access keys, this is not a problem. But IAM roles use temporary access keys that cycle every 36 hours.

You know your session key has expired because you are getting the "The provided token has expired." error, which (as noted above) is a different error message than "Request has expired " which you get when the presigned URL reached its expiration date.

Also, presigned URLs have a hard limit of 7 days - but that doesn't seem to be your problem.

like image 183
Robert Antonucci Avatar answered Sep 27 '22 19:09

Robert Antonucci
Sign in to Comment

Related questions

Pandas pct change from initial value
Polygon perimeter
Read data from OECD API into python (and pandas)
'module' object has no attribute 'svc'
TypeError: unsupported operand type(s) for /:
Set y-axis scale for pandas Dataframe Boxplot(), 3 Deviations?
How to remove hyphens from a list of strings [duplicate]
How to create a dictionary with new KEY with data from list? [duplicate]
Python custom module name not defined
what is the shortcut for "replace all" in pycharm
Convert JSON list of integers to String in Django Rest Framework
Charting Candlestick_OHLC one minute bars with Pandas and Matplotlib
Install scipy for both python 2 and python 3
python - replace the boolean value of a list with the values from two different lists [duplicate]
Get Type in Robot Framework
Regex split string by last occurrence of pattern
Convert array of integers into dictionary of indices
Django - authenticate() A user with that username already exists
Python - Create a List Starting at a Given Value and End at Given Length
insert item to list without insert() or append() Python

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!