AWS CloudFront Signed URL

• An ending date and time, after which the URL is no longer valid.
• (Optional) The date and time that the URL becomes valid.
• (Optional) The IP address or range of addresses of the computers that can be used to access your content.
• Restrict access to files in Amazon S3 buckets

Related terms

• Custom policies and canned policies
• aws s3 presign
• RSA-SHA1
• HMAC
• GCP: gsutil signurl
• Signed URL

Activities

Amazon

• Read Serving private content with signed URLs and signed cookies, https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html
• Read https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-creating-signed-url-canned-policy.html
• Read Using signed URLs: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-signed-urls.html
• Read https://stackoverflow.com/questions/tagged/signed-url?tab=Votes

GCP

• https://cloud.google.com/storage/docs/access-control/signed-urls

See also

• AWS CloudFront, distributions, Invalidations, Amazon CloudFront Ready, aws cloudfront, CloudFront Functions, Lambda@Edge, Origin Shield, Signed URL, OAI, Origin Access Control (OAC), Amazon CloudFront edge locations, cloudfront.net, invalidations, CloudFront Security Savings Bundle (CFSSB)
• AWS S3, aws s3, aws s3api, aws s3control, s3:, Amazon S3 Storage Lens, AWS S3 replication, CRR, SSR, CAR, S3 Replication Time Control (S3 RTC), Website endpoint, Amazon Macie, Versioning, Lifecycle, Encryption, logging, Amazon S3 Inventory, Amazon S3 Batch Operations, Storage Classes, Amazon S3 clients, Terraform S3, AWS canned ACLs, Directory buckets, security, PutObject