AWS S3 signed URLs handbook - How to handle files in a serverless environment
Don't get fooled by the apparent simpleness of signed URLs. Whomever you want to protect your files from knows how they work under the hood. An implementation that "seems to work" is insecure and gives a false sense of security.
This book teaches you everything you need to know about S3 signed URLs. You'll learn what signed URLs are, why they are needed for serverless applications, how to implement them securely, and how they work with other AWS services. All this, with a special eye for security.
It contains the background knowledge so that you'll know the cases where signed URLs are the solution. It comes with almost a dozen deploy-to-try examples to allow easy experimentation with the different aspects.
When I initially started experimenting with signed URLs I quickly realized how easy it is to end up with a solution that is unreliable and insecure. I spent several months to figure out what is missing from the documentations so that you don't need to.
You'll learn:
- How S3 signed URLs work and why they are essential for a serverless stack
- How to solve common problems and how to secure the implementation
- How to use them with other services, such as CloudFront and KMS
This book is written in a handbook style. It dives deep into a single technology and provides help when you need it. It features analyses how each choice or piece of technology affects the security of signed URLs.
FAQ
Is in-depth knowledge of AWS required?
This book assumes some technical knowledge and a basic understanding of the AWS platform. If you've already written a Lambda function and you've seen Terraform code you should be fine.
What is the refund policy?
My goal for this book is to help you implement a secure and robust solution using signed URLs and I'm confident that this book will help you achieve that. But if for any reason you are not happy with your purchase, send me an email within 30 days of the purchase and you'll get a full refund.