Lyve Cloud S3 Storage Resources Guide
Lyve Cloud S3 Storage Resources 

此内容对您有帮助吗?

打开菜单 关闭菜单

How to Create a Pre-Signed URL

To share an object without granting someone access to your storage account, you can share individual objects with the security and time sensitivity of a pre-signed URL.  In Lyve Cloud, console admins can set permissions to allow S3 clients access to data objects. Objects are only accessible by providing access and secret keys to the S3 client. However, objects can be shared with anyone by providing a pre-signed URL allowing temporary access to the object. Pre-signed URLs are time-sensitive and allow any recipient with the URL to download an object. For example, if you store a video recording in a Lyve Cloud bucket, you can share the file by creating a pre-signed URL.

Create a pre-signed URL for download operations

Use the S3 client to request an object in your Lyve Cloud bucket. The following instructions generate a pre-signed URL to share an object for a designated period.

Prerequisites

Download a command line tool such as AWS CLI.

Provide S3 Client access to Lyve Cloud bucket(s). For instructions, see Connecting S3 clients.

Create a pre-signed URL to download an object

To create a pre-signed URL:

  1. Open your command line application (Command Prompt for PC, Terminal for Mac) and use the following command to configure your profile:

    configure --profile (profile name) 
    

  2. Enter your bucket’s access key, secret key, region name, and output format:
  • AWS Access Key ID [None]: Enter access key ID.
  • AWS Secret Access Key [None]: Enter secret access key
  • Default region name [None]: Enter default region name (us-east or us-west)
  • Default output format [None]: Enter default output format (optional)

Example

  • AWS Access Key ID [None]: **************QGS
  • AWS Secret Access Key [None]: *****************************3CJ
  • Default region name [None]: us-east-1
  • Default output format [None]:
  1. Enter the following command to list your buckets:

    S3 ls --profile (enter profile name) –-endpoint URL 
    

    Example

    C:\Users\693611>aws s3 ls --profile adr --endpoint https://s3.us-east-1.lyvecloud.seagate.com   
    

    Result

    2021-06-08 15:12:58 ahtestbucket 
    

  2. Enter the following command to generate a pre-signed URL.

     Note—A default expiration time can vary from client to client.

    S3 presign s3://bucketname/objectfile --profile (profile name) --endpoint URL  
    

    Example

    C:\Users\693611>aws s3 presign s3://ahtestbucket/certificate.pdf --profile adr  --endpoint https://s3.us-east-1.lyvecloud.seagate.com Example 
    

    Result

    https://s3.us-east-1.lyvecloud.seagate.com/ahtestbucket/certificate.pdf?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=YKANULVJJF5ASGQS%2F20211202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20211202T152353Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Signature=e97e4b48c15bfa2f3b724fc9c23b8a4cd8bc324d434d67a6fe31e44a241adaf3 
    

    Copy the generated URL and share your object.

    If you experience errors viewing the URL, check to ensure the bucket and object name in the command line follow the same lowercase and uppercase structure in your bucket. CLI is case-sensitive.

Create a pre-signed URL for upload operations

The Pre signed URL Upload python script uses packages from the python library Boto3, which provides an API for AWS infrastructure operations. To configure the API, you must use the AWS software development kit for Python (also known as Boto3). Boto3 provides a python API for AWS infrastructure services. Python is used to create an upload-presigned URL.

Prerequisites

Download and install the latest version of Python

Create and upload the pre-signed URL

 Important—The script prompts with an access key, secret key, bucket number, and object number to upload, as well as how long you wish for the URL to be active in minutes. Once entered, your object to upload is uploaded to the generated URL. The script generates an output status code for the upload operation.

You can create and upload the pre-signed URL in two ways:

  1. Using the .py file to create an upload URL in the command line.
  1. Navigate to the root directory, where PresignedURLUpload.py is stored.
  2. Run the following command:

    python -m pip install boto3
    

    Run the following command if you have python3 installed:

    python3 -m install boto3
    

     Note—Run the following command if you encounter a permission error:

    sudo pip install boto3
    
  3. After installing Boto3, run the python script to create the pre-signed URL using the following command:

    python PresignedURLUpload.py
    

    Run the following command if you have python3 installed:

    python3 PresignedURLUpload.py
    
  1. Writing the code for a pre-signed URL in python.
  1. Configure your profile in your python editor.

    Open the command line and type python or python3.

    Based on the python version installed, it initiates an environment to enter python code.

    Run the following command to import the required packages to configure your client:

    import boto3
    import requests
    import json
    from botocore.client import Config
    

    Declare the Access Key, Secret Key, desired bucket, and object names as variables.
     Note—Mention the details to simplify configuration and reduce user error; configuring your API is unnecessary. This step may be skipped by simply entering the original key values instead of variable names.

    access_key = <EXAMPLEACCESSKEY>
    secret_key = ‘EXAMPLESECRETKEY’
    bucket = ‘EXAMPLE BUCKET NUMBER’
    object_name_to_upload = ‘Example Object Name’
    

    Configure the API. Login, using the variables for your key values.

    s3 = boto3.client(‘s3’)
    session = boto3.session.Session()
    s3_client = session.client(
    	‘s3’, 
    	endpoint_url = ‘https://s3.us-east-1.lyvecloud.seagate.com’,
    	aws_access_key_id = access_key,
    	aws_secret_access_key=secret_key, region_name = ‘us-east-1’,
    	config=Config(signature_version = “s3v4” ))
    

  2. Generate the pre-signed URL using the following command and key values:

    The object_name_to_upload is the variable declared in the above steps. The value entered for ExpiresIn declares the expiry time in seconds.

    response = s3_client.generate_presigned_post(
    	Bucket = bucket,
    		Key = object_name_to_upload  
    			ExpiresIn = 36000)
    

    Upload the file to S3 using your presigned URL.

    files = {‘file’: open(object_name_to_upload, ‘rb’)}
    r = requests.post(response[‘url’], data = response[‘fields’], 
    files = files)
    

    Use the following command to view the status of the upload.

    print(r.status_code)
    

The script prompts with an access key, secret key, bucket number, and object number to upload, as well as how long you wish for the URL to be active in minutes. Once entered, your object to upload is uploaded to the generated URL. The script generates an output status code for the upload operation.

Conclusion

With pre-signed URLs, you can temporarily access an object in Lyve Cloud. A pre-signed URL is an efficient and effective way to access individual files without giving access to your storage account. You can easily create and share a URL in minutes using S3 clients with Lyve Cloud storage.