Class CloudFrontService

  • All Implemented Interfaces:
    AWSRequestAuthorizer

    public class CloudFrontService
    extends Object
    implements AWSRequestAuthorizer
    A service that handles communication with the Amazon CloudFront REST API, offering all the operations that can be performed on CloudFront distributions.

    This class uses properties obtained through Jets3tProperties. For more information on these properties please refer to JetS3t Configuration

    Author:
    James Murty
    • Constructor Detail

      • CloudFrontService

        public CloudFrontService​(ProviderCredentials credentials,
                                 String invokingApplicationDescription,
                                 org.apache.commons.httpclient.auth.CredentialsProvider credentialsProvider,
                                 Jets3tProperties jets3tProperties,
                                 org.apache.commons.httpclient.HostConfiguration hostConfig)
                          throws CloudFrontServiceException
        Constructs the service and initialises its properties.
        Parameters:
        credentials - the Storage Provider user credentials to use when communicating with CloudFront
        invokingApplicationDescription - a short description of the application using the service, suitable for inclusion in a user agent string for REST/HTTP requests. Ideally this would include the application's version number, for example: Cockpit/0.7.3 or My App Name/1.0. May be null.
        credentialsProvider - an implementation of the HttpClient CredentialsProvider interface, to provide a means for prompting for credentials when necessary. May be null.
        jets3tProperties - JetS3t properties that will be applied within this service. May be null.
        hostConfig - Custom HTTP host configuration; e.g to register a custom Protocol Socket Factory. May be null.
        Throws:
        CloudFrontServiceException
    • Method Detail

      • getAWSCredentials

        public ProviderCredentials getAWSCredentials()
        Returns:
        the Storage Provider Credentials identifying the AWS user.
      • listDistributions

        public Distribution[] listDistributions​(int pagingSize)
                                         throws CloudFrontServiceException
        List all your standard CloudFront distributions, with a given maximum number of Distribution items in each "page" of results.
        Parameters:
        pagingSize - the maximum number of distributions the CloudFront service will return in each response message.
        Returns:
        a list of your distributions.
        Throws:
        CloudFrontServiceException
      • listStreamingDistributions

        public StreamingDistribution[] listStreamingDistributions​(int pagingSize)
                                                           throws CloudFrontServiceException
        List all your streaming CloudFront distributions, with a given maximum number of Distribution items in each "page" of results.
        Parameters:
        pagingSize - the maximum number of distributions the CloudFront service will return in each response message.
        Returns:
        a list of your distributions.
        Throws:
        CloudFrontServiceException
      • listDistributionsByBucketName

        public List<Distribution> listDistributionsByBucketName​(boolean isStreaming,
                                                                String bucketName)
                                                         throws CloudFrontServiceException
        List streaming or non-stream distributions whose origin is the given S3 bucket name.
        Parameters:
        bucketName - the name of the S3 bucket whose distributions will be returned.
        Returns:
        a list of distributions applied to the given S3 bucket, or an empty list if there are no such distributions.
        Throws:
        CloudFrontServiceException
      • listDistributions

        public Distribution[] listDistributions​(String bucketName)
                                         throws CloudFrontServiceException
        List the distributions whose origin is the given S3 bucket name.
        Parameters:
        bucketName - the name of the S3 bucket whose distributions will be returned.
        Returns:
        a list of distributions applied to the given S3 bucket, or an empty list if there are no such distributions.
        Throws:
        CloudFrontServiceException
      • listStreamingDistributions

        public StreamingDistribution[] listStreamingDistributions​(String bucketName)
                                                           throws CloudFrontServiceException
        List the streaming distributions whose origin is the given S3 bucket name.
        Parameters:
        bucketName - the name of the S3 bucket whose distributions will be returned.
        Returns:
        a list of distributions applied to the given S3 bucket, or an empty list if there are no such distributions.
        Throws:
        CloudFrontServiceException
      • createDistribution

        public Distribution createDistribution​(Origin origin,
                                               String callerReference,
                                               String[] cnames,
                                               String comment,
                                               boolean enabled,
                                               LoggingStatus loggingStatus,
                                               boolean trustedSignerSelf,
                                               String[] trustedSignerAwsAccountNumbers,
                                               String[] requiredProtocols,
                                               String defaultRootObject)
                                        throws CloudFrontServiceException
        Create a public or private CloudFront distribution for an S3 bucket.
        Parameters:
        origin - the origin to associate with the distribution, either an Amazon S3 bucket or a custom HTTP/S-accessible location.
        callerReference - A user-set unique reference value that ensures the request can't be replayed (max UTF-8 encoding size 128 bytes). This parameter may be null, in which case your computer's local epoch time in milliseconds will be used.
        cnames - A list of up to 10 CNAME aliases to associate with the distribution. This parameter may be a null or empty array.
        comment - An optional comment to describe the distribution in your own terms (max 128 characters). May be null.
        enabled - Should the distribution should be enabled and publicly accessible upon creation?
        loggingStatus - Logging status settings (bucket, prefix) for the distribution. If this value is null, logging will be disabled for the distribution.
        trustedSignerSelf - If true the owner of the distribution (you) will be be allowed to generate signed URLs for a private distribution. Note: If either trustedSignerSelf or trustedSignerAwsAccountNumbers parameters are provided the private distribution will require signed URLs to access content.
        trustedSignerAwsAccountNumbers - Account Number identifiers for AWS account holders other than the distribution's owner who will be allowed to generate signed URLs for a private distribution. If null or empty, no additional AWS account holders may generate signed URLs. Note: If either trustedSignerSelf or trustedSignerAwsAccountNumbers parameters are provided the private distribution will require signed URLs to access content.
        requiredProtocols - List of protocols that must be used by clients to retrieve content from the distribution. If this value is null or is an empty array, all protocols will be supported.
        defaultRootObject - The name of an object that will be served when someone visits the root of a distribution.
        Returns:
        an object that describes the newly-created distribution, in particular the distribution's identifier and domain name values.
        Throws:
        CloudFrontServiceException
      • createDistribution

        public Distribution createDistribution​(Origin origin)
                                        throws CloudFrontServiceException
        Create a minimally-configured CloudFront distribution for an S3 bucket that will be publicly available once created.
        Parameters:
        origin - the origin to associate with the distribution, either an Amazon S3 bucket or a custom HTTP/S-accessible location.
        Returns:
        an object that describes the newly-created distribution, in particular the distribution's identifier and domain name values.
        Throws:
        CloudFrontServiceException
      • createDistribution

        public Distribution createDistribution​(Origin origin,
                                               String callerReference,
                                               String[] cnames,
                                               String comment,
                                               boolean enabled,
                                               LoggingStatus loggingStatus)
                                        throws CloudFrontServiceException
        Create a public CloudFront distribution for an S3 bucket.
        Parameters:
        origin - the origin to associate with the distribution, either an Amazon S3 bucket or a custom HTTP/S-accessible location.
        callerReference - A user-set unique reference value that ensures the request can't be replayed (max UTF-8 encoding size 128 bytes). This parameter may be null, in which case your computer's local epoch time in milliseconds will be used.
        cnames - A list of up to 10 CNAME aliases to associate with the distribution. This parameter may be a null or empty array.
        comment - An optional comment to describe the distribution in your own terms (max 128 characters). May be null.
        enabled - Should the distribution should be enabled and publicly accessible upon creation?
        loggingStatus - Logging status settings (bucket, prefix) for the distribution. If this value is null, logging will be disabled for the distribution.
        Returns:
        an object that describes the newly-created distribution, in particular the distribution's identifier and domain name values.
        Throws:
        CloudFrontServiceException
      • createStreamingDistribution

        public StreamingDistribution createStreamingDistribution​(Origin origin,
                                                                 String callerReference,
                                                                 String[] cnames,
                                                                 String comment,
                                                                 boolean enabled,
                                                                 LoggingStatus loggingStatus,
                                                                 boolean trustedSignerSelf,
                                                                 String[] trustedSignerAwsAccountNumbers)
                                                          throws CloudFrontServiceException
        Create a public or private streaming CloudFront distribution for an S3 bucket.
        Parameters:
        origin - the origin to associate with the distribution, either an Amazon S3 bucket or a custom HTTP/S-accessible location.
        callerReference - A user-set unique reference value that ensures the request can't be replayed (max UTF-8 encoding size 128 bytes). This parameter may be null, in which case your computer's local epoch time in milliseconds will be used.
        cnames - A list of up to 10 CNAME aliases to associate with the distribution. This parameter may be a null or empty array.
        comment - An optional comment to describe the distribution in your own terms (max 128 characters). May be null.
        enabled - Should the distribution should be enabled and publicly accessible upon creation?
        loggingStatus - Logging status settings (bucket, prefix) for the distribution. If this value is null, logging will be disabled for the distribution.
        trustedSignerSelf - If true the owner of the distribution (you) will be be allowed to generate signed URLs for a private distribution. Note: If either trustedSignerSelf or trustedSignerAwsAccountNumbers parameters are provided the private distribution will require signed URLs to access content.
        trustedSignerAwsAccountNumbers - Account Number identifiers for AWS account holders other than the distribution's owner who will be allowed to generate signed URLs for a private distribution. If null or empty, no additional AWS account holders may generate signed URLs. Note: If either trustedSignerSelf or trustedSignerAwsAccountNumbers parameters are provided the private distribution will require signed URLs to access content.
        Returns:
        an object that describes the newly-created distribution, in particular the distribution's identifier and domain name values.
        Throws:
        CloudFrontServiceException
      • createStreamingDistribution

        public StreamingDistribution createStreamingDistribution​(Origin origin,
                                                                 String callerReference,
                                                                 String[] cnames,
                                                                 String comment,
                                                                 boolean enabled,
                                                                 LoggingStatus loggingStatus)
                                                          throws CloudFrontServiceException
        Create a public streaming CloudFront distribution for an S3 bucket.
        Parameters:
        origin - the origin to associate with the distribution, either an Amazon S3 bucket or a custom HTTP/S-accessible location.
        callerReference - A user-set unique reference value that ensures the request can't be replayed (max UTF-8 encoding size 128 bytes). This parameter may be null, in which case your computer's local epoch time in milliseconds will be used.
        cnames - A list of up to 10 CNAME aliases to associate with the distribution. This parameter may be a null or empty array.
        comment - An optional comment to describe the distribution in your own terms (max 128 characters). May be null.
        enabled - Should the distribution should be enabled and publicly accessible upon creation?
        loggingStatus - Logging status settings (bucket, prefix) for the distribution. If this value is null, logging will be disabled for the distribution.
        Returns:
        an object that describes the newly-created distribution, in particular the distribution's identifier and domain name values.
        Throws:
        CloudFrontServiceException
      • getDistributionInfo

        public Distribution getDistributionInfo​(String id)
                                         throws CloudFrontServiceException
        Lookup information for a standard distribution.
        Parameters:
        id - the distribution's unique identifier.
        Returns:
        an object that describes the distribution, including its identifier and domain name values as well as its configuration details.
        Throws:
        CloudFrontServiceException
      • getStreamingDistributionInfo

        public StreamingDistribution getStreamingDistributionInfo​(String id)
                                                           throws CloudFrontServiceException
        Lookup information for a streaming distribution.
        Parameters:
        id - the distribution's unique identifier.
        Returns:
        an object that describes the distribution, including its identifier and domain name values as well as its configuration details.
        Throws:
        CloudFrontServiceException
      • updateDistributionConfig

        public DistributionConfig updateDistributionConfig​(String id,
                                                           Origin origin,
                                                           String[] cnames,
                                                           String comment,
                                                           boolean enabled,
                                                           LoggingStatus loggingStatus,
                                                           boolean trustedSignerSelf,
                                                           String[] trustedSignerAwsAccountNumbers,
                                                           String[] requiredProtocols,
                                                           String defaultRootObject)
                                                    throws CloudFrontServiceException
        Update the configuration of an existing distribution to change its properties or public/private status. The new configuration properties provided replace any existing configuration, and may take some time to be fully applied.

        This method performs all the steps necessary to update the configuration. It first performs lookup on the distribution using getDistributionConfig(String) to find its origin and caller reference values, then uses this information to apply your configuration changes.

        Parameters:
        id - the distribution's unique identifier.
        cnames - A list of up to 10 CNAME aliases to associate with the distribution. This parameter may be null, in which case the original CNAME aliases are retained.
        comment - An optional comment to describe the distribution in your own terms (max 128 characters). May be null, in which case the original comment is retained.
        enabled - Should the distribution should be enabled and publicly accessible after the configuration update?
        loggingStatus - Logging status settings (bucket, prefix) for the distribution. If this value is null, logging will be disabled for the distribution.
        trustedSignerSelf - If true the owner of the distribution (you) will be be allowed to generate signed URLs for a private distribution. Note: If either trustedSignerSelf or trustedSignerAwsAccountNumbers parameters are provided the private distribution will require signed URLs to access content.
        trustedSignerAwsAccountNumbers - Account Number identifiers for AWS account holders other than the distribution's owner who will be allowed to generate signed URLs for a private distribution. If null or empty, no additional AWS account holders may generate signed URLs. Note: If either trustedSignerSelf or trustedSignerAwsAccountNumbers parameters are provided the private distribution will require signed URLs to access content.
        requiredProtocols - List of protocols that must be used by clients to retrieve content from the distribution. If this value is null or is an empty array all protocols will be permitted.
        defaultRootObject - The name of an object that will be served when someone visits the root of a distribution.
        Returns:
        an object that describes the distribution's updated configuration, including its origin bucket and CNAME aliases.
        Throws:
        CloudFrontServiceException
      • updateStreamingDistributionConfig

        public StreamingDistributionConfig updateStreamingDistributionConfig​(String id,
                                                                             Origin origin,
                                                                             String[] cnames,
                                                                             String comment,
                                                                             boolean enabled,
                                                                             LoggingStatus loggingStatus)
                                                                      throws CloudFrontServiceException
        Update the configuration of an existing streaming distribution to change its properties. The new configuration properties provided replace any existing configuration, and may take some time to be fully applied.

        This method performs all the steps necessary to update the configuration. It first performs lookup on the distribution using getDistributionConfig(String) to find its origin and caller reference values, then uses this information to apply your configuration changes.

        Parameters:
        id - the distribution's unique identifier.
        cnames - A list of up to 10 CNAME aliases to associate with the distribution. This parameter may be null, in which case the original CNAME aliases are retained.
        comment - An optional comment to describe the distribution in your own terms (max 128 characters). May be null, in which case the original comment is retained.
        enabled - Should the distribution should be enabled and publicly accessible after the configuration update?
        loggingStatus - Logging status settings (bucket, prefix) for the distribution. If this value is null, logging will be disabled for the distribution.
        Returns:
        an object that describes the distribution's updated configuration, including its origin bucket and CNAME aliases.
        Throws:
        CloudFrontServiceException
      • updateStreamingDistributionConfig

        public StreamingDistributionConfig updateStreamingDistributionConfig​(String id,
                                                                             Origin origin,
                                                                             String[] cnames,
                                                                             String comment,
                                                                             boolean enabled,
                                                                             LoggingStatus loggingStatus,
                                                                             boolean trustedSignerSelf,
                                                                             String[] trustedSignerAwsAccountNumbers)
                                                                      throws CloudFrontServiceException
        Update the configuration of an existing streaming distribution to change its properties. The new configuration properties provided replace any existing configuration, and may take some time to be fully applied.

        This method performs all the steps necessary to update the configuration. It first performs lookup on the distribution using getDistributionConfig(String) to find its origin and caller reference values, then uses this information to apply your configuration changes.

        Parameters:
        id - the distribution's unique identifier.
        cnames - A list of up to 10 CNAME aliases to associate with the distribution. This parameter may be null, in which case the original CNAME aliases are retained.
        comment - An optional comment to describe the distribution in your own terms (max 128 characters). May be null, in which case the original comment is retained.
        enabled - Should the distribution should be enabled and publicly accessible after the configuration update?
        loggingStatus - Logging status settings (bucket, prefix) for the distribution. If this value is null, logging will be disabled for the distribution.
        origin - the origin to associate with the distribution, either an Amazon S3 bucket or a custom HTTP/S-accessible location.
        trustedSignerSelf - If true the owner of the distribution (you) will be be allowed to generate signed URLs for a private distribution. Note: If either trustedSignerSelf or trustedSignerAwsAccountNumbers parameters are provided the private distribution will require signed URLs to access content.
        trustedSignerAwsAccountNumbers - Account Number identifiers for AWS account holders other than the distribution's owner who will be allowed to generate signed URLs for a private distribution. If null or empty, no additional AWS account holders may generate signed URLs. Note: If either trustedSignerSelf or trustedSignerAwsAccountNumbers parameters are provided the private distribution will require signed URLs to access content.
        Returns:
        an object that describes the distribution's updated configuration, including its origin bucket and CNAME aliases.
        Throws:
        CloudFrontServiceException
      • updateDistributionConfig

        public DistributionConfig updateDistributionConfig​(String id,
                                                           Origin origin,
                                                           String[] cnames,
                                                           String comment,
                                                           boolean enabled,
                                                           LoggingStatus loggingStatus)
                                                    throws CloudFrontServiceException
        Update the configuration of an existing distribution to change its properties. If the original distribution is private this method will make it public instead. The new configuration properties provided replace any existing configuration, and may take some time to be fully applied.

        This method performs all the steps necessary to update the configuration. It first performs lookup on the distribution using getDistributionConfig(String) to find its origin and caller reference values, then uses this information to apply your configuration changes.

        Parameters:
        id - the distribution's unique identifier.
        cnames - A list of up to 10 CNAME aliases to associate with the distribution. This parameter may be null, in which case the original CNAME aliases are retained.
        comment - An optional comment to describe the distribution in your own terms (max 128 characters). May be null, in which case the original comment is retained.
        enabled - Should the distribution should be enabled and publicly accessible after the configuration update?
        loggingStatus - Logging status settings (bucket, prefix) for the distribution. If this value is null, logging will be disabled for the distribution.
        Returns:
        an object that describes the distribution's updated configuration, including its origin bucket and CNAME aliases.
        Throws:
        CloudFrontServiceException
      • updateDistributionConfig

        public DistributionConfig updateDistributionConfig​(String id,
                                                           DistributionConfig config)
                                                    throws CloudFrontServiceException
        Update the configuration of an existing distribution to change its properties or public/private status. The new configuration properties provided replace any existing configuration, and may take some time to be fully applied.

        This method performs all the steps necessary to update the configuration. It first performs lookup on the distribution using getDistributionConfig(String) to find its origin and caller reference values, then uses this information to apply your configuration changes.

        Parameters:
        id - the distribution's unique identifier.
        config - Configuration properties to apply to the distribution.
        Returns:
        an object that describes the distribution's updated configuration, including its origin bucket and CNAME aliases.
        Throws:
        CloudFrontServiceException
      • deleteDistribution

        public void deleteDistribution​(String id)
                                throws CloudFrontServiceException
        Delete a disabled distribution. You can only delete a distribution that is already disabled, if you delete an enabled distribution this operation will fail with a DistributionNotDisabled error.

        This method performs many of the steps necessary to delete a disabled distribution. It first performs lookup on the distribution using getDistributionConfig(String) to find its ETag value, then uses this information to delete the distribution.

        Because it can take a long time (minutes) to disable a distribution, this task is not performed automatically by this method. In your own code, you need to verify that a distribution is disabled with a status of Deployed before you invoke this method.

        Parameters:
        id - the distribution's unique identifier.
        Throws:
        CloudFrontServiceException
      • deleteStreamingDistribution

        public void deleteStreamingDistribution​(String id)
                                         throws CloudFrontServiceException
        Delete a disabled streaming distribution. You can only delete a distribution that is already disabled, if you delete an enabled distribution this operation will fail with a DistributionNotDisabled error.

        This method performs many of the steps necessary to delete a disabled distribution. It first performs lookup on the distribution using getDistributionConfig(String) to find its ETag value, then uses this information to delete the distribution.

        Because it can take a long time (minutes) to disable a distribution, this task is not performed automatically by this method. In your own code, you need to verify that a distribution is disabled with a status of Deployed before you invoke this method.

        Parameters:
        id - the distribution's unique identifier.
        Throws:
        CloudFrontServiceException
      • createOriginAccessIdentity

        public OriginAccessIdentity createOriginAccessIdentity​(String callerReference,
                                                               String comment)
                                                        throws CloudFrontServiceException
        Create a new Origin Access Identity
        Parameters:
        callerReference - A user-set unique reference value that ensures the request can't be replayed (max UTF-8 encoding size 128 bytes). This parameter may be null, in which case your computer's local epoch time in milliseconds will be used.
        comment - An optional comment to describe the identity (max 128 characters). May be null.
        Returns:
        The origin access identity's properties.
        Throws:
        CloudFrontServiceException
      • invalidateObjects

        public Invalidation invalidateObjects​(String distributionId,
                                              String[] objectKeys,
                                              String callerReference)
                                       throws CloudFrontServiceException
        Remove distribution objects from a CloudFront edge server cache to force a refresh of the object data from the S3 origin.
        Parameters:
        distributionId -
        objectKeys - S3 object key names of object(s) to invalidate.
        callerReference -
        Returns:
        invalidation object
        Throws:
        CloudFrontServiceException
      • invalidateObjects

        public Invalidation invalidateObjects​(String distributionId,
                                              S3Object[] objects,
                                              String callerReference)
                                       throws CloudFrontServiceException
        Remove distribution objects from a CloudFront edge server cache to force a refresh of the object data from the S3 origin.
        Parameters:
        distributionId -
        objects - S3 object(s) to invalidate.
        callerReference -
        Returns:
        invalidation object
        Throws:
        CloudFrontServiceException
      • listInvalidations

        public InvalidationList listInvalidations​(String distributionId,
                                                  String nextMarker,
                                                  int pagingSize)
                                           throws CloudFrontServiceException
        List a single page of up to pagingSize past invalidation summaries, ordered from most recent to oldest. If there are more prior invalidations than will fit on the page you must perform follow-up calls to this method to obtain a complete listing.
        Parameters:
        distributionId -
        nextMarker - a marker string indicating where to begin the next page of listing results. Start with null for an initial listing page, then set to the NextMarker value of each subsequent page returned.
        pagingSize - maximum number of invalidation summaries to include in each result page, up to 100.
        Returns:
        invalidation listing
        Throws:
        CloudFrontServiceException
      • sanitizeS3BucketName

        public static String sanitizeS3BucketName​(String proposedBucketName)
        Sanitizes a proposed bucket name to ensure it is fully-specified rather than merely the bucket's short name. A fully specified bucket name looks like "jets3t.s3.amazonaws.com".
        Parameters:
        proposedBucketName - the proposed S3 bucket name that will be sanitized.
        Returns:
        the bucket name with the DEFAULT_BUCKET_SUFFIX added, if necessary.
      • buildPolicyForSignedUrl

        public static String buildPolicyForSignedUrl​(String resourcePath,
                                                     Date epochDateLessThan,
                                                     String limitToIpAddressCIDR,
                                                     Date epochDateGreaterThan)
                                              throws CloudFrontServiceException
        Generate a policy document that describes custom access permissions to apply via a private distribution's signed URL.
        Parameters:
        resourcePath - An optional HTTP/S or RTMP resource path that restricts which distribution and S3 objects will be accessible in a signed URL. For standard distributions the resource URL will be "http://" + distributionName + "/" + objectKey (may also include URL parameters. For distributions with the HTTPS required protocol, the resource URL must start with "https://". RTMP resources do not take the form of a URL, and instead the resource path is nothing but the stream's name. The '*' and '?' characters can be used as a wildcards to allow multi-character or single-character matches respectively:
        • * : All distributions/objects will be accessible
        • a1b2c3d4e5f6g7.cloudfront.net/* : All objects within the distribution a1b2c3d4e5f6g7 will be accessible
        • a1b2c3d4e5f6g7.cloudfront.net/path/to/object.txt : Only the S3 object named path/to/object.txt in the distribution a1b2c3d4e5f6g7 will be accessible.
        If this parameter is null the policy will permit access to all distributions and S3 objects associated with the certificate keypair used to generate the signed URL.
        epochDateLessThan - The time and date when the signed URL will expire. REQUIRED.
        limitToIpAddressCIDR - An optional range of client IP addresses that will be allowed to access the distribution, specified as a CIDR range. If null, the CIDR will be 0.0.0.0/0 and any client will be permitted.
        epochDateGreaterThan - An optional time and date when the signed URL will become active. If null, the signed URL will be active as soon as it is created.
        Returns:
        A policy document describing the access permission to apply when generating a signed URL.
        Throws:
        CloudFrontServiceException
      • signUrl

        public static String signUrl​(String resourceUrlOrPath,
                                     String keyPairId,
                                     byte[] derPrivateKey,
                                     String policy)
                              throws CloudFrontServiceException
        Generate a signed URL that allows access to distribution and S3 objects by applying access restrictions specified in a custom policy document.
        Parameters:
        resourceUrlOrPath - The URL or path that uniquely identifies a resource within a distribution. For standard distributions the resource URL will be "http://" + distributionName + "/" + objectKey (may also include URL parameters. For distributions with the HTTPS required protocol, the resource URL must start with "https://". RTMP resources do not take the form of a URL, and instead the resource path is nothing but the stream's name.
        keyPairId - Identifier of a public/private certificate keypair already configured in your Amazon Web Services account.
        derPrivateKey - The RSA private key data that corresponding to the certificate keypair identified by keyPairId, in DER format. To convert a standard PEM private key file into this format use the utility method EncryptionUtil.convertRsaPemToDer(java.io.InputStream)
        policy - A policy document that describes the access permissions that will be applied by the signed URL. To generate a custom policy use buildPolicyForSignedUrl(String, Date, String, Date).
        Returns:
        A signed URL that will permit access to distribution and S3 objects as specified in the policy document.
        Throws:
        CloudFrontServiceException
      • signUrlCanned

        public static String signUrlCanned​(String resourceUrlOrPath,
                                           String keyPairId,
                                           byte[] derPrivateKey,
                                           Date epochDateLessThan)
                                    throws CloudFrontServiceException
        Generate a signed URL that allows access to a specific distribution and S3 object by applying a access restrictions from a "canned" (simplified) policy document.
        Parameters:
        resourceUrlOrPath - The URL or path that uniquely identifies a resource within a distribution. For standard distributions the resource URL will be "http://" + distributionName + "/" + objectKey (may also include URL parameters. For distributions with the HTTPS required protocol, the resource URL must start with "https://". RTMP resources do not take the form of a URL, and instead the resource path is nothing but the stream's name.
        keyPairId - Identifier of a public/private certificate keypair already configured in your Amazon Web Services account.
        derPrivateKey - The RSA private key data that corresponding to the certificate keypair identified by keyPairId, in DER format. To convert a standard PEM private key file into this format use the utility method EncryptionUtil.convertRsaPemToDer(java.io.InputStream)
        epochDateLessThan - The time and date when the signed URL will expire. REQUIRED.
        Returns:
        A signed URL that will permit access to a specific distribution and S3 object.
        Throws:
        CloudFrontServiceException