Discussion on: Share Your AWS S3 Private Content With Others, Without Making It Public

[Idris Rampurawala]

Hey, it is safe in the sense that you decide the users who will get access to the resource, but do evaluate on the following points:

• Restrict access by ensuring Limiting presigned URL capabilities
• Always generate a URL with an expiry
• The access key and token shared in the presigned-url are generated at runtime and one cannot easily manipulate the url (check was docs)
• Try not to disclose your S3 path in the URL (use CloudFront)
• Lastly, avoid sharing your S3 files if it contains sensitive information. Rather mask if for the end-users.

Hope it solves your queries.