Best practices for using presigned requests

This section discusses best practices for using presigned requests that a security engineer should consider. The guidelines include:

Foundational best practices, which are practices that every organization should follow.
Additional guardrails, which are practices that you should consider, but might decide to implement partially or with exceptions. These are intended to provide additional control and defense in depth, but should be balanced against overall complexity.
Logging interactions, which might result from devices or services that are part of your or your customer's responsibility in the shared responsibility model. This section includes precautions to limit the information that is accessible through logs.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Identifying presigned requests

Foundational best practices