To generate a long lived S3 presigned url, you need to create a separate IAM role with a long life span and give the lambda function (or whatever), sts:AssumeRole permissions to assume this role and generate a presigned url.
getSSTAWSPermissions only lets you pass in resources which I don't think works in this case because this is what the permission looks like for assume role:
To generate a long lived S3 presigned url, you need to create a separate IAM role with a long life span and give the lambda function (or whatever),
sts:AssumeRole
permissions to assume this role and generate a presigned url.getSSTAWSPermissions
only lets you pass in resources which I don't think works in this case because this is what the permission looks like for assume role: