Presigned URLs are... #flashcard - URLs that give the user permission to upload a file to a specific location in the Blob Storage service. We can generate a presigned URL and send it to the user when they want to upload a file. - These URLs are generated with a specific expiration time, after which they become invalid, offering a secure way to share files without altering permissions. When a presigned URL is created, it includes authentication information as part of the query string, enabling controlled access to otherwise private objects. - This makes them ideal for use cases like temporary file sharing, uploading objects to a bucket without giving users full API access, or providing limited-time access to resources. Presigned URLs can be generated programmatically using the cloud provider's SDK, allowing developers to integrate this functionality into applications seamlessly. This method enhances security by ensuring that sensitive data remains protected while still being accessible to authorized users for a limited period. | Feature | AWS | Google Cloud | Azure | | ------------------------- | ----------------------------------------------- | ----------------------------------------------- | --------------------------------------------------------- | | **Temporary Upload URLs** | Presigned URLs <br>(PUT or POST) | Signed URLs <br>(resumable or simple) | SAS tokens <br>(Shared Access Signature) | | **Multipart Uploads** | Multipart Upload API <br>(5MB-5GB parts) | Resumable Uploads <br>(flexible chunk sizes) | Block Blobs <br>(multipart equivalent, 4MB-100MB blocks) | | **Event Notifications** | S3 Event Notifications <br>(to Lambda/SQS/SNS) | Cloud Storage Pub/Sub <br>(to Cloud Functions) | Event Grid <br>(blob storage events) | | **CDN with Signed URLs** | CloudFront <br>(signed URLs/cookies) | Cloud CDN <br>(signed URLs) | Azure CDN <br>(SAS tokens) | | **Cleanup Policies** | Lifecycle Rules | Lifecycle Management | Lifecycle Management Policies |