Deno module for creating presigned URLs to get and update objects in Amazon S3 (AWS Signature Version 4). Implemented and tested as per https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html.
Usage
import { getSignedUrl } from 'https://deno.land/x/aws_s3_presign/mod.ts'
const url = getSignedUrl({
accessKeyId: 'my-aws-access-key-id',
secretAccessKey: 'my-aws-secret-access-key',
bucket: 'example-bucket',
key: '/test.txt',
region: 'us-east-1',
})Options
interface GetSignedUrlOptions {
bucket: string // required
key: string // required
accessKeyId: string // required
secretAccessKey: string // required
sessionToken?: string // AWS STS token
method?: 'GET' | 'PUT' // default 'GET'
region?: string // default 'us-east-1'
queryParams?: Record<string, string | number> // additional query parameters
expiresIn?: number // seconds, default 86400 (24 hours)
date?: Date // forced creation date, for testing
endpoint?: string // custom endpoint, default s3.amazonaws.com
protocol?: string // 'http' or 'https' for endpoint, default 'https'
usePathRequestStyle?: boolean // use s3.amazonaws.com/<bucket>/<key> request style
signatureKey?: string // optional pre-generated signature created with getSignatureKey()
}Pre-generating signature keys
In instances where a large number of URLs is required it will be computationally
benefical to generate the required signature key and pass it to
getSignedUrl(...) to avoid recalculation:
import { getSignatureKey, getSignedUrl } from 'https://deno.land/x/aws_s3_presign/mod.ts'
const date = new Date()
const signatureKey = getSignatureKey({
date,
region: 'us-east-1',
secretAccessKey: 'aws-secret-access-key',
})
const url = getSignedUrl({
signatureKey,
...
})Testing
git clone https://github.com/dansalias/aws_s3_presign
cd ./aws_s3_presign
deno test