Does the signature method affect the expiration date of a Signed-URL in GCS?

anonymous · June 5, 2023, 5:47am

I am creating a Signed-URL with GCS.
“signBlob” to sign a signature, it appears to expire in as little as 12 hours due to the rotation of the signBlob’s key.
doc: https://cloud.google.com/storage/docs/access-control/signed-urls?hl=en#signing-iam

So does this mean that even though the signature expires in 7 days, it could expire before that?

And if I want it to be valid for 7 days, do I have to use the HMAC key?

KirTitievsky · June 5, 2023, 1:16pm

Reading this, signBlob is just one option for generating the signature. You can use other implementations of SHA-256 which do not depend on a key that rotates every 12 hours. So you should be able to use v4 signing with longer expirations if you don’t use signBlob.

Topic		Replies	Views
GCS Extension SignedURL duration Apigee api-runtime	1	12	June 23, 2020
Creating a signed URL to access Google Cloud Bucket. Apigee api-runtime	10	55	August 16, 2018
generate signedUrl for resource on Google Cloud Storage bucket Compute Infrastructure cloud-storage	4	146	March 11, 2023

Does the signature method affect the expiration date of a Signed-URL in GCS?

AI Suggested topics