Pre‑Signed URLs.

Secure temporary access to your
Filebase bucket objects.

URL Generation

Create temporary access links

$ ./generate-url.sh --object image.jpg

Generating pre-signed URL...

URL: https://bucket.filebase.com/image.jpg Signature: AWS4-HMAC-SHA256 Expires: 3600 seconds Access: Temporary

URL ready for sharing

Security

Quick Start

Generate URLs in two steps

$ ./set-policy.sh --bucket my-bucket

Configuring bucket policy...

Access: Private URL Type: Pre-signed Methods: GET, PUT Duration: 1 hour

Policy applied successfully

Setup

View Docs

Documentation

Complete pre-signed URL guide

View Docs

Key Features

Discover how pre-signed URLs can enhance your application's security and user experience.

Temporary Access

Generate time-limited URLs that automatically expire after a specified duration, ensuring secure access control.

Secure Sharing

Share private bucket objects without exposing your AWS credentials or making the objects public.

Direct Uploads

Enable users to upload files directly to your buckets through their browsers without server-side proxying.

Granular Control

Specify permissions, expiration times, and content restrictions for each pre-signed URL.

Cross-Origin Access

Facilitate secure cross-origin resource sharing when combined with proper CORS configuration.

API Integration

Easily integrate with your applications using standard S3 SDK methods and libraries.

Implementation Guide

Follow these examples to implement pre-signed URLs in your applications.

Step 1

AWS CLI

Generate a pre-signed URL using the AWS CLI for quick testing and one-off operations.

bash

# Generate a pre-signed URL for GET operation (download)
aws s3 --endpoint https://s3.filebase.com presign \
    s3://your-bucket/file.jpg \
    --expires-in 3600

# Generate a pre-signed URL for PUT operation (upload)
aws s3 --endpoint https://s3.filebase.com presign \
    s3://your-bucket/upload-file.jpg \
    --expires-in 3600 \
    --method PUT

Step 2

Python Implementation

Use boto3 to generate pre-signed URLs programmatically in your Python applications.

python

import boto3
from botocore.config import Config

s3_client = boto3.client('s3',
    endpoint_url='https://s3.filebase.com',
    aws_access_key_id='YOUR_ACCESS_KEY',
    aws_secret_access_key='YOUR_SECRET_KEY',
    config=Config(
        region_name='us-east-1',
        signature_version='s3v4'
    )
)

# Generate URL for downloading (GET)
download_url = s3_client.generate_presigned_url('get_object',
    Params={
        'Bucket': 'your-bucket',
        'Key': 'file.jpg'
    },
    ExpiresIn=3600
)

# Generate URL for uploading (PUT)
upload_url = s3_client.generate_presigned_url('put_object',
    Params={
        'Bucket': 'your-bucket',
        'Key': 'upload-file.jpg'
    },
    ExpiresIn=3600
)

Step 3

JavaScript Integration

Implement pre-signed URLs in your web applications using the AWS SDK for JavaScript.

javascript

import { S3Client, PutObjectCommand, GetObjectCommand } from "@aws-sdk/client-s3";
import { getSignedUrl } from "@aws-sdk/s3-request-presigner";

const s3Client = new S3Client({
  endpoint: "https://s3.filebase.com",
  region: "us-east-1",
  credentials: {
    accessKeyId: "YOUR_ACCESS_KEY",
    secretAccessKey: "YOUR_SECRET_KEY"
  }
});

// Generate download URL
const getDownloadUrl = async () => {
  const command = new GetObjectCommand({
    Bucket: "your-bucket",
    Key: "file.jpg"
  });
  return await getSignedUrl(s3Client, command, { expiresIn: 3600 });
};

// Generate upload URL
const getUploadUrl = async () => {
  const command = new PutObjectCommand({
    Bucket: "your-bucket",
    Key: "upload-file.jpg"
  });
  return await getSignedUrl(s3Client, command, { expiresIn: 3600 });
};

// Example usage with fetch
const uploadFile = async (file) => {
  const uploadUrl = await getUploadUrl();
  await fetch(uploadUrl, {
    method: 'PUT',
    body: file
  });
};

Configuration Options

Choose between basic and advanced configurations for your pre-signed URLs.

json

{
  "operation": "GET",
  "bucket": "your-bucket",
  "key": "example.jpg",
  "expiresIn": 3600,
  "signatureVersion": "v4"
}

Basic Configuration

Simple configuration for basic file downloads. Includes essential parameters like expiration time and signature version.

Best Practices

Follow these guidelines to ensure secure and efficient implementation of pre-signed URLs.

Security

Minimal Expiration Time

Set the shortest possible expiration time needed for your use case to minimize security risks.

Content Restrictions

Use conditions to restrict file types, sizes, and other parameters when generating URLs.

Performance

URL Generation

Generate URLs on-demand rather than in bulk to ensure maximum freshness and validity.

Caching Strategy

Implement appropriate caching for frequently accessed resources to reduce URL generation overhead.

Implementation

Error Handling

Implement robust error handling for expired URLs and failed operations.

Monitoring

Track URL usage patterns and implement rate limiting to prevent abuse.

Risk Management

Access Logging

Maintain detailed logs of pre-signed URL generation and usage for security auditing.

Regular Review

Periodically review and update URL policies based on usage patterns and security requirements.

Ready to Get Started?

Implement pre-signed URLs in your applications or explore our documentation.

View Documentation

Read the complete technical guide and API reference