Amazon S3's Object Expiration came in handy today while integrating with Crocodoc. Crocodoc's upload api allows for either POSTing a file or sending a link to a file for downloading. Well, posting files is more error-prone and memory-intensive than a simple GET request, and adding a new authentication approach to protect files from non-Crocodoc access seemed equally unnecessary.
The solution was to use the stable and well-tested S3 streaming upload class to post the file to a secure location in a temporary bucket. Using a private ACL and a signed URL (with a short timeout) for passing to the web service, the file has a healthy level of security. Then, configure the bucket for an appropriate lifecycle. For use with a web service integration, the lifecycle could be set at as little as 1 day. WIth the Object Expiration set, Amazon now takes care of both the special authentication and cleaning up the temporary files later.