Develop Reference

How do I get a download link for an object I upload to an AWS bucket?

I'm using AWS S3 boto3 to upload files to my AWS bucket called uploadtesting. Here is an example implementation:
import boto3
...
s3 = boto3.resource('s3')
s3.meta.client.upload_file('files/report.pdf', 'uploadtesting', 'report.pdf')
Accessing the object from the AWS S3 console allows you to see the object URL, however it is not a downloadable link. What I wanted to know is how can I use python to print out a downloadable link to the file I just uploaded?

It appears you are asking how to generate a URL that allows a private object to be downloaded.
This can be done by generating an Amazon S3 pre-signed URL, which provides access to a private S3 object for a limited time.
Basically, using credentials that have access to the object, you can create a URL that is 'signed'. When Amazon S3 receives this URL, it verifies the signature and provides access to the object if the expiry period has not ended.
From Presigned URLs — Boto3 documentation:
response = s3_client.generate_presigned_url('get_object',
Params={'Bucket': bucket_name,
'Key': object_name},
ExpiresIn=expiration)
The ExpiresIn parameter is expressed in seconds.

The format is:
https://BUCKET-NAME.s3.amazonaws.com/OBJECT-KEY
So your object would be:
https://uploadtesting.s3.amazonaws.com/report.pdf
There is no supplied function to generate this string, so use:
url = f'https://{bucket_name}.s3.amazonaws.com/{key}'

Generate pre-signed url for object in s3 bucket and perform 301 redirect in aws lambda

I am facing an issue which I have been unable to solve. I wish to generate a pre signed URL and redirect the user in the front end on that url so that he can download the file. For that reason I added one more trigger on my lambda function and that is an API Gateway. Here is my code:
import os
import boto3
def lambda_handler(event, context):
url = ""
for record in event['Records']:
bucket = record['s3']['bucket']['name']
file_key = record['s3']['object']['key']
uri_duration = 90
s3Client = boto3.client('s3')
url = s3Client.generate_presigned_url('get_object', Params =
{'Bucket': bucket,
'Key': file_key},
ExpiresIn = uri_duration)
print(url)
return {"location": url }
The code is supposed to to save the pre-signed url in the "location", which is then mapped to the API. The problem is that after debugging I realized that this function is run once every time it is called either by the API Gateway or from the s3 bucket. Therefore I would like to ask if someone knows if there is any way to generate a pre-signed url and do a 301 redirect there with any other way? Sorry if my question is obvious I am new to AWS

How can I let a user download a file from an s3 bucket when clicking on a button?

I am sorry if this question is straightforward, I excected to find a lot of info on it but unfortunately I have been looking since a while and cant find anything. How could I let a user download a file which is stored in an amazon s3 bucket when clicking on a button? I thought of implementing this with a lambda function with the aid of the boto3 python SDK but I am not sure if this is possible. Thanks in advance for any help you can provide

Yes, it should be possible. You can generate a pre-signed link in a manner similar to the following.
url = s3.generate_presigned_url(
ClientMethod='get_object',
Params={
'Bucket': get_bucket_name(),
'Key': s3_key
}
)

The case you mentioned is possible . We can handle the same using couple of ways.
We could make the s3 bucket a public readable one, which effectively make the objects available to all the users which i think is not a good approach if you think of the security scenarios.
We can go for a pre-signed URL for which we can setup an expiration time, so that the link will gets expired after a specific time.
{
bucket = 'bucket_name' # name of the s3 bucket
file_key = 'file_path/file_name' # key including any folder paths
uri_duration = 10 #expiry duration in seconds. default 3600
s3Client = boto3.client('s3')
_uri = s3Client.generate_presigned_url('get_object', Params =
{'Bucket': bucket, 'Key': file_key}, ExpiresIn = uri_duration)
}

How to access image by url on s3 using boto3?

What I want to accomplish is to generate a link to view the file (ex.image or pdf). The item is not accessible by URL (https://[bucket].s3.amazonaws.com/img_name.jpg), I think because its private and not public? (I'm not the owner of the bucket, but he gave me the access_key and secret_key?)
For now, all I can do is to download a file with this code.
s3.Bucket('mybucket').download_file('upload/nocturnes.png', 'dropzone/static/pdf/download_nocturnes.png')
I want to access an image on s3 so I can put it on an HTML, can I view it using the access and secret key?. Thank you for those who can help!

You can accomplish this using a pre-signed URL using the generate_presigned_url function. The caveat is that pre-signed URLs must have an expiration date. I was unable to find documentation on the maximum allowed duration. Here is an example:
url = s3.generate_presigned_url('get_object',
Params={
'Bucket': 'mybucket',
'Key': 'upload/nocturnes.png',
},
ExpiresIn=3600)
print url

For people who want to use generate_presigned_url for a public object and therefore don't want to do the signing part that appends credentials, the best solution I found is to still to use the generate_presigned_url, just that the Client.Config.signature_version needs to be set to botocore.UNSIGNED.
The following returns the public link without the signing stuff.
config.signature_version = botocore.UNSIGNED
boto3.client('s3', config=config).generate_presigned_url('get_object', ExpiresIn=0, Params={'Bucket': bucket, 'Key': key})
The relevant discussions on the boto3 repository are:
https://github.com/boto/boto3/issues/110
https://github.com/boto/boto3/issues/169
https://github.com/boto/boto3/issues/1415

boto3: generate_presigned_url expiring prematurely

I'm using the following code to generate a signed URL:
client.generate_presigned_url('get_object',
{'Bucket': client.bucket, 'Key': s3_filename}, ExpiresIn=expiry_seconds, HttpMethod='GET')
This generates a URL that looks something like this:
https://[bucket_name].s3.amazonaws.com/[path]?AWSAccessKeyId=[access-key-id]&Signature=[signature]&Expires=1478646479&x-amz-security-token=[long_token_string]
The 'Expires' timestamp is 4 days in the future (at the time of writing) and yet when clicking on the link, I get the 'Token has expired' XML response. The link does work for a few hours after generation.
Is there anything else that I should be looking at?
Thanks.

The expiry time of 1478646479 equates to 2016-11-08T23:07:59+00:00, which is in the future, so the expiry time being generated appears correct. (If the clock was wrong on the computer generating the link, this might have been wrong.)
The next thing to check are the permissions associated with the entity (identified by the AWSAccessKeyId) that created the pre-signed URL. In effect, the URL is using the permissions of that entity (eg IAM User, IAM Role, STS credentials) to grant time-limited access to an object. If that entity no longer has permission to access the object, then the pre-signed URL will no longer function.
You can perform tests on pre-signed URLs by using the aws s3 presign command in the AWS Command-Line Interface (CLI).

If you created a presigned URL using a temporary token, then the URL expires when the token expires. To have a URL valid for up to seven days you need to assign IAM user credentials.
Signature Version 4 is a requirement for this to work.
Here is what this looks like in boto3.
import boto3
from botocore.client import Config
s3 = boto3.client('s3',
config=Config(signature_version='s3v4'),
region_name = 'us-east-1',
aws_access_key_id = ‘THE_ID’,
aws_secret_access_key = ‘THE_KEY’
)
response = s3.generate_presigned_url('get_object',
Params={'Bucket': bucket_name,
'Key': ‘key_name’
},
ExpiresIn=expiration
)