Class CloudFrontUtilities
- java.lang.Object
-
- software.amazon.awssdk.services.cloudfront.CloudFrontUtilities
-
@Immutable @ThreadSafe public final class CloudFrontUtilities extends Object
Utilities for working with CloudFront distributionsTo securely serve private content by using CloudFront, you can require that users access your private content by using special CloudFront signed URLs or signed cookies. You then develop your application either to create and distribute signed URLs to authenticated users or to send Set-Cookie headers that set signed cookies for authenticated users.
Signed URLs take precedence over signed cookies. If you use both signed URLs and signed cookies to control access to the same files and a viewer uses a signed URL to request a file, CloudFront determines whether to return the file to the viewer based only on the signed URL.
-
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static CloudFrontUtilitiescreate()CookiesForCannedPolicygetCookiesForCannedPolicy(Consumer<CannedSignerRequest.Builder> request)Generate signed cookies that allows access to a specific distribution and resource path by applying access restrictions from a "canned" (simplified) policy document.CookiesForCannedPolicygetCookiesForCannedPolicy(CannedSignerRequest request)Generate signed cookies that allows access to a specific distribution and resource path by applying access restrictions from a "canned" (simplified) policy document.CookiesForCustomPolicygetCookiesForCustomPolicy(Consumer<CustomSignerRequest.Builder> request)Returns signed cookies that provides tailored access to private content based on an access time window and an ip range.CookiesForCustomPolicygetCookiesForCustomPolicy(CustomSignerRequest request)Returns signed cookies that provides tailored access to private content based on an access time window and an ip range.SignedUrlgetSignedUrlWithCannedPolicy(Consumer<CannedSignerRequest.Builder> request)Returns a signed URL with a canned policy that grants universal access to private content until a given date.SignedUrlgetSignedUrlWithCannedPolicy(CannedSignerRequest request)Returns a signed URL with a canned policy that grants universal access to private content until a given date.SignedUrlgetSignedUrlWithCustomPolicy(Consumer<CustomSignerRequest.Builder> request)Returns a signed URL that provides tailored access to private content based on an access time window and an ip range.SignedUrlgetSignedUrlWithCustomPolicy(CustomSignerRequest request)Returns a signed URL that provides tailored access to private content based on an access time window and an ip range.
-
-
-
Method Detail
-
create
public static CloudFrontUtilities create()
-
getSignedUrlWithCannedPolicy
public SignedUrl getSignedUrlWithCannedPolicy(Consumer<CannedSignerRequest.Builder> request)
Returns a signed URL with a canned policy that grants universal access to private content until a given date. For more information, see Creating a signed URL using a canned policy.This is a convenience which creates an instance of the
CannedSignerRequest.Builderavoiding the need to create one manually viaCannedSignerRequest.builder()- Parameters:
request- AConsumerthat will call methods onCannedSignerRequest.Builderto create a request.- Returns:
- A signed URL that will permit access to a specific distribution
and S3 object.
Example Usage
-
getSignedUrlWithCannedPolicy
public SignedUrl getSignedUrlWithCannedPolicy(CannedSignerRequest request)
Returns a signed URL with a canned policy that grants universal access to private content until a given date. For more information, see Creating a signed URL using a canned policy.- Parameters:
request- ACannedSignerRequestconfigured with the following values: resourceUrl, privateKey, keyPairId, expirationDate- Returns:
- A signed URL that will permit access to a specific distribution
and S3 object.
Example Usage
-
getSignedUrlWithCustomPolicy
public SignedUrl getSignedUrlWithCustomPolicy(Consumer<CustomSignerRequest.Builder> request)
Returns a signed URL that provides tailored access to private content based on an access time window and an ip range. The custom policy itself is included as part of the signed URL (For a signed URL with canned policy, there is no policy included in the signed URL). For more information, see Creating a signed URL using a custom policy.This is a convenience which creates an instance of the
CustomSignerRequest.Builderavoiding the need to create one manually viaCustomSignerRequest.builder()- Parameters:
request- AConsumerthat will call methods onCustomSignerRequest.Builderto create a request.- Returns:
- A signed URL that will permit access to distribution and S3
objects as specified in the policy document.
Example Usage
-
getSignedUrlWithCustomPolicy
public SignedUrl getSignedUrlWithCustomPolicy(CustomSignerRequest request)
Returns a signed URL that provides tailored access to private content based on an access time window and an ip range. The custom policy itself is included as part of the signed URL (For a signed URL with canned policy, there is no policy included in the signed URL). For more information, see Creating a signed URL using a custom policy.- Parameters:
request- ACustomSignerRequestconfigured with the following values: resourceUrl, privateKey, keyPairId, expirationDate, activeDate (optional), ipRange (optional)- Returns:
- A signed URL that will permit access to distribution and S3
objects as specified in the policy document.
Example Usage
-
getCookiesForCannedPolicy
public CookiesForCannedPolicy getCookiesForCannedPolicy(Consumer<CannedSignerRequest.Builder> request)
Generate signed cookies that allows access to a specific distribution and resource path by applying access restrictions from a "canned" (simplified) policy document. For more information, see Setting signed cookies using a canned policy.This is a convenience which creates an instance of the
CannedSignerRequest.Builderavoiding the need to create one manually viaCannedSignerRequest.builder()- Parameters:
request- AConsumerthat will call methods onCannedSignerRequest.Builderto create a request.- Returns:
- The signed cookies with canned policy.
Example Usage
-
getCookiesForCannedPolicy
public CookiesForCannedPolicy getCookiesForCannedPolicy(CannedSignerRequest request)
Generate signed cookies that allows access to a specific distribution and resource path by applying access restrictions from a "canned" (simplified) policy document. For more information, see Setting signed cookies using a canned policy.- Parameters:
request- ACannedSignerRequestconfigured with the following values: resourceUrl, privateKey, keyPairId, expirationDate- Returns:
- The signed cookies with canned policy.
Example Usage
-
getCookiesForCustomPolicy
public CookiesForCustomPolicy getCookiesForCustomPolicy(Consumer<CustomSignerRequest.Builder> request)
Returns signed cookies that provides tailored access to private content based on an access time window and an ip range. For more information, see Setting signed cookies using a custom policy.This is a convenience which creates an instance of the
CustomSignerRequest.Builderavoiding the need to create one manually viaCustomSignerRequest.builder()- Parameters:
request- AConsumerthat will call methods onCustomSignerRequest.Builderto create a request.- Returns:
- The signed cookies with custom policy.
Example Usage
-
getCookiesForCustomPolicy
public CookiesForCustomPolicy getCookiesForCustomPolicy(CustomSignerRequest request)
Returns signed cookies that provides tailored access to private content based on an access time window and an ip range. For more information, see Setting signed cookies using a custom policy.- Parameters:
request- ACustomSignerRequestconfigured with the following values: resourceUrl, privateKey, keyPairId, expirationDate, activeDate (optional), ipRange (optional)- Returns:
- The signed cookies with custom policy.
Example Usage
-
-