PreSigned URL

Last updated on Mar 19, 2026

Create a presigned URL using a S3 client

The following example uses S3cmd to create a presigned URL:

With the commandsignurl you can create an URL, that publishes an object temporary.

s3cmd signurl <bucket-name> <expiry_epoch|+expiry_offset>

The value forexpiry_epoch represents an epoch timestamp of the expiry date and time. Alternative you can also define a + followed by the time the URL should stay valid. For the s3://my-example-bucket bucket, the command will look like this:

s3cmd signurl s3://my-example-bucket/testfile.txt +3600
# http://object.storage.eu01.onstackit.cloud:443/my-example-bucket/testfile.txt?AWSAccessKeyId=KPVIPPUECP9XX40CVKEA&Expires=1638891653&Signature=abI28tb61IZoUmbXV4cu3opc18w%3D

This will create a URL which will grant read access to the file testfile in the named bucket for 3600 seconds (1 hour).

Create a presigned URL using the Python SDK

The following small example will show how to use the AWS S3 Python SDK (Boto3) to create a presigned URL with write access (PUT) to a specific object within a bucket:

import boto3

def request_presigned_post():

    S3_ENDPOINT = "https://object.storage.eu01.onstackit.cloud"
    S3_ACCESS_KEY = "YOUR_ACCESS_KEY"
    S3_SECRET_KEY = "YOUR_SECRET_KEY"
    S3_BUCKET = "YOUR_BUCKET"
    s3key = "YOUR_FILE"

#create s3 client

    s3client = boto3.client('s3',
                            endpoint_url=S3_ENDPOINT,
                            aws_access_key_id=S3_ACCESS_KEY,
                            aws_secret_access_key=S3_SECRET_KEY,
                            )
#create presigned url

    presigned_request = s3client.generate_presigned_url(
            'put_object',
            Params={'Bucket': S3_BUCKET, 'Key': s3key},  ExpiresIn=3600)
    print(presigned_request)

def main():
    request_presigned_post()

if __name__ == "__main__":
    main()

For further information please see the official boto3 documentation!