You have private data that you would like to share with someone, but you don’t want to make it widely available.
One neat feature of S3 is the ability to generate self-expiring URLs pointing to data in S3. This allows you to share private data in S3 without changing the permissions of the object. It also means that you can control how long the URL you pass on to your collaborator will work. You can have it expire in 5 seconds, 5 days, 5 months, or any other time period that seems appropriate. The example below shows an interactive session that creates a new, private object in S3, generates a URL that expires in 30 seconds, retrieves the object data, waits 30 seconds, and then attempts to retrieve the data again to show that access is, in fact, denied.
Example 3-10. Generate an Expiring URL for an S3 Object
$ python
Python 2.7.1 (r271:86882M, Nov 30 2010, 10:35:34)
[GCC 4.2.1 (Apple Inc. build 5664)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> import boto, urllib2, time
>>> s3 = boto.connect_s3()
>>> b = s3.lookup('garnaat_pub')
>>> k = b.new_key('my_private_data_to_share.txt')
>>> k.set_contents_from_string('Python and AWS')
>>> url = k.generate_url(30)
>>> urllib2.urlopen(url).read()
'Python and AWS'
>>> time.sleep(30)
>>> urllib2.urlopen(url).read()
Traceback (most recent call last):
...
urllib2.HTTPError: HTTP Error 403: Forbidden
>>>