Best practice to get pre-signed Amazon S3 download URL

Question

I have the following code as part of a backend sample for generating download links which are valid for 15 minutes.

$url = "{$bucket}/{$key}";
$request = $this->s3Client->get($url);
return $this->s3Client->createPresignedUrl($request, '+15 minutes');

From what I understand, this makes a web request to Amazon, and I need to generate about 20-30 download links per pageload.

So how would I go about not abusing the Amazon API, while still allowing clients to download files? The 2 options I could think of are:

1. Generate the links client-side (either on click or on page load) and store them inside cookies, so that upon refresh, no extra API calls are made.
2. Generate the links server-side and store them either in cookies or in the session.

What I'm interested in is:

1. What's the best practice to generate the links (client- vs. server-side)?
2. How should I cache the links (ie. where)?

Answer 1

This is a non-issue, because creating a pre-signed URL with the AWS SDK for PHP does not make a request to AWS. You may also find that the S3Client::getObjectUrl() method is easier to use, since it is an abstraction of what you are doing now.