What is difference between Pre-Signed Url and Signed Url?

c# amazon-web-services amazon-s3 amazon-cloudfront

Akash Kava · Dec 31, 2013 · Viewed 22.1k times · Source

I intend to private object in public bucket, thus restricting access to object, not other objects in bucket. And I want to setup CloudFront to serve content with Signed URLs. Now in AWS S3 documentation, I see two different terms, one is Pre-signed URL to access private object, and other is Signed URL which requires downloading private key etc and do something more.

What is difference between Pre-Signed URL and Signed URLs? Can I use PreSigned URL's with CloudFront?

C# Library has method GetPreSignedURL, does it automatically download private keys etc and does signing or this GetPreSignedURL method is different then S3 URL Signing that requires setting up private keys and then signing URL?

Answer

Sorry but this question was really badly answered, so I'm gonna chime in.

First we gotta distinguish the services we are talking about and referring to here. Both S3 and CloudFront have URL signing features that work differently.

However, only S3 refers to them as Pre-signed URLs; CloudFront refers to them as Signed URLs and Signed Cookies.

Note the service names in the URLs, in the documentation below.

https://docs.aws.amazon.com/AmazonS3/latest/dev/PresignedUrlUploadObject.html

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-signed-urls.html#private-content-how-signed-urls-work

For a more in depth comparison of the different services check out the link below. If I had to guess, I would guess that AWS chose to name their signing services differently to avoid confusion.

https://tutorialsdojo.com/aws-cheat-sheet-s3-pre-signed-urls-vs-cloudfront-signed-urls-vs-origin-access-identity-oai/

What is difference between Pre-Signed Url and Signed Url?

Answer

Related questions