DEV Community

Suave Bajaj
Suave Bajaj

Posted on

Using gsutil signed URL

A signed URL is a URL that provides limited permission and time to make a request. Signed URLs contain authentication information in their query string, allowing users without credentials to perform specific actions on a resource.

Creating a signed URL

What we will need:

  1. gsutil
  2. pyopenssl
  3. Service Account Key
  4. Path of the file/Object

Command

gsutil signurl -d 2d service-account-key.json gs://my-gcs-bucket/my-object

-d Specifies the duration that the signed url should be valid
For, default duration is 1 hour.Times may be specified with no suffix (default hours), or with s = seconds, m = minutes, h = hours, d = days.
This option may be specified multiple times, in which case
the duration the link remains valid is the sum of all the duration options.
The max duration allowed is 7 days when private-key-fileis used.
Any service-account-key can be used to encrypt the url

Issues

CommandException: The signurl command requires the pyopenssl library (try pip install pyopenssl or easy_install pyopenssl)

  • Install pyopenssl using the pip as per the python version

pip3 install pyopenssl

Even after installing pyopenssl if you are getting the same error, Check gcloud uses which python and python should point to a python interpreter used by gcloud

gcloud info --format="text(basic.python_location)"

➜ Desktop git:(master) ✗ gcloud info --format="text(basic.python_location)"
python_location: /Users/.config/gcloud/virtenv/bin/python3

Add the Environment Variables as

export CLOUDSDK_PYTHON=python3
export CLOUDSDK_PYTHON_SITEPACKAGES=1

Discussion (0)