[joelennon]

Signed URLs (or pre-signed URLs) typically expire after a short time frame. The idea is that they exist for long enough for the object in question to be retrieved in the application, and they then automatically expire. Although they don't typically have a single-use limitation, this is often the intention a developer has when using a pre-signed URL.

[grose]

Yep! It's a bit of a balancing act because you want the files to be cache friendly (skipping tracks back and forth shouldn't make you download it every time) but you also don't want people to abuse (share) them. You can also restrict the signed URLs by IP address but that can cause trouble for people with dynamic IPs so I opted not to do that.