Welcome toVigges Developer Community-Open, Learning,Share
Welcome To Ask or Share your Answers For Others


0 votes
in Technique[技术] by (71.8m points)

amazon web services - AWS Lambda create presigned URL for S3 using invoked credentials

I'm trying to create a presigned URL for a S3 bucket in AWS Lambda (Python 3.7) that is signed using the credentials of the person that invoked the Lambda function via API Gateway.

The flow would be:

  1. User sends HTTP request to API Gateway, which is secured using Amazon Cognito.
  2. The API gateway then invokes a Lambda function, which knows who the original user is.
  3. The Lambda function then generates a presigned URL for the S3 bucket using the original user's credentials, rather than the default Lambda role etc.

I have managed to generate a presigned URL using the default Lambda role, just haven't managed to make this use the original user's credentials. Any direction in this would be great, thanks.

Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

Assuming you can pass the access token, you may generste temporary credentials using GetCredentialsForIdentity

Welcome to Vigges Developer Community for programmer and developer-Open, Learning and Share