amazon web services - AWS Lambda create presigned URL for S3 using invoked credentials

Question

Welcome To Ask or Share your Answers For Others

amazon web services - AWS Lambda create presigned URL for S3 using invoked credentials

posted Jan 25, 2021 in Technique[技术] by 深蓝 (71.8m points)

amazon web services - AWS Lambda create presigned URL for S3 using invoked credentials

I'm trying to create a presigned URL for a S3 bucket in AWS Lambda (Python 3.7) that is signed using the credentials of the person that invoked the Lambda function via API Gateway.

The flow would be:

User sends HTTP request to API Gateway, which is secured using Amazon Cognito.
The API gateway then invokes a Lambda function, which knows who the original user is.
The Lambda function then generates a presigned URL for the S3 bucket using the original user's credentials, rather than the default Lambda role etc.

I have managed to generate a presigned URL using the default Lambda role, just haven't managed to make this use the original user's credentials. Any direction in this would be great, thanks.

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

1 Reply

深蓝 · Answer 1 · 2021-01-25T05:30:47+0000

Assuming you can pass the access token, you may generste temporary credentials using GetCredentialsForIdentity

Categories

amazon web services - AWS Lambda create presigned URL for S3 using invoked credentials

amazon web services - AWS Lambda create presigned URL for S3 using invoked credentials

Please log in or register to add a comment.

Please log in or register to reply this article.

1 Reply

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags