List of usage examples for com.amazonaws.services.cloudfront.model TrustedSigners TrustedSigners
public TrustedSigners()
From source file:ch.cyberduck.core.cloudfront.CloudFrontDistributionConfiguration.java
License:Open Source License
/** * Amazon CloudFront Extension to create a new distribution configuration * * @return Distribution configuration/*ww w . j a v a2s. c o m*/ */ protected StreamingDistribution createStreamingDistribution(final Path container, final Distribution distribution) throws BackgroundException { if (log.isDebugEnabled()) { log.debug(String.format("Create new %s distribution", distribution.getMethod().toString())); } final AmazonCloudFront client = client(container); final URI origin = this.getOrigin(container, distribution.getMethod()); final String originId = String.format("%s-%s", preferences.getProperty("application.name"), new AlphanumericRandomStringService().random()); final StreamingDistributionConfig config = new StreamingDistributionConfig( new AlphanumericRandomStringService().random(), new S3Origin(origin.getHost(), StringUtils.EMPTY), distribution.isEnabled()).withComment(originId) .withTrustedSigners(new TrustedSigners().withEnabled(false).withQuantity(0)) .withAliases(new Aliases().withItems(distribution.getCNAMEs()) .withQuantity(distribution.getCNAMEs().length)); // Make bucket name fully qualified final String loggingTarget = ServiceUtils.generateS3HostnameForBucket(distribution.getLoggingContainer(), false, new S3Protocol().getDefaultHostname()); if (log.isDebugEnabled()) { log.debug(String.format("Set logging target for %s to %s", distribution, loggingTarget)); } config.setLogging(new StreamingLoggingConfig().withEnabled(distribution.isLogging()) .withBucket(loggingTarget).withPrefix(preferences.getProperty("cloudfront.logging.prefix"))); return client.createStreamingDistribution(new CreateStreamingDistributionRequest(config)) .getStreamingDistribution(); }
From source file:ch.cyberduck.core.cloudfront.CloudFrontDistributionConfiguration.java
License:Open Source License
protected com.amazonaws.services.cloudfront.model.Distribution createDownloadDistribution(final Path container, final Distribution distribution) throws BackgroundException { if (log.isDebugEnabled()) { log.debug(String.format("Create new %s distribution", distribution.getMethod().toString())); }// ww w .j a v a 2s.c o m final AmazonCloudFront client = client(container); final URI origin = this.getOrigin(container, distribution.getMethod()); final String originId = String.format("%s-%s", preferences.getProperty("application.name"), new AlphanumericRandomStringService().random()); final DistributionConfig config = new DistributionConfig(new AlphanumericRandomStringService().random(), distribution.isEnabled()) .withComment(originId) .withOrigins( new Origins().withQuantity(1) .withItems(new Origin().withId(originId) .withCustomHeaders(new CustomHeaders().withQuantity(0)) .withOriginPath(StringUtils.EMPTY).withDomainName(origin.getHost()) .withS3OriginConfig(new S3OriginConfig() .withOriginAccessIdentity(StringUtils.EMPTY)))) .withPriceClass(PriceClass.PriceClass_All) .withDefaultCacheBehavior(new DefaultCacheBehavior().withTargetOriginId(originId) .withForwardedValues(new ForwardedValues().withQueryString(true) .withCookies(new CookiePreference().withForward(ItemSelection.All))) .withViewerProtocolPolicy(ViewerProtocolPolicy.AllowAll).withMinTTL(0L) .withTrustedSigners(new TrustedSigners().withEnabled(false).withQuantity(0))) .withDefaultRootObject(distribution.getIndexDocument()).withAliases(new Aliases() .withItems(distribution.getCNAMEs()).withQuantity(distribution.getCNAMEs().length)); // Make bucket name fully qualified final String loggingTarget = ServiceUtils.generateS3HostnameForBucket(distribution.getLoggingContainer(), false, new S3Protocol().getDefaultHostname()); if (log.isDebugEnabled()) { log.debug(String.format("Set logging target for %s to %s", distribution, loggingTarget)); } config.setLogging(new LoggingConfig().withEnabled(distribution.isLogging()).withIncludeCookies(true) .withBucket(loggingTarget).withPrefix(preferences.getProperty("cloudfront.logging.prefix"))); return client.createDistribution(new CreateDistributionRequest(config)).getDistribution(); }
From source file:ch.cyberduck.core.cloudfront.CloudFrontDistributionConfiguration.java
License:Open Source License
protected com.amazonaws.services.cloudfront.model.Distribution createCustomDistribution(final Path container, final Distribution distribution) throws BackgroundException { final AmazonCloudFront client = client(container); int httpPort = 80; int httpsPort = 443; final URI origin = this.getOrigin(container, distribution.getMethod()); if (origin.getPort() != -1) { if (origin.getScheme().equals(Scheme.http.name())) { httpPort = origin.getPort(); }//w w w. j a v a 2 s. c o m if (origin.getScheme().equals(Scheme.https.name())) { httpsPort = origin.getPort(); } } final String originId = String.format("%s-%s", preferences.getProperty("application.name"), new AlphanumericRandomStringService().random()); final DistributionConfig config = new DistributionConfig(new AlphanumericRandomStringService().random(), distribution.isEnabled()) .withComment(originId) .withOrigins(new Origins().withQuantity(1) .withItems(new Origin().withId(originId).withDomainName(origin.getHost()) .withCustomOriginConfig(new CustomOriginConfig().withHTTPPort(httpPort) .withHTTPSPort(httpsPort) .withOriginSslProtocols(new OriginSslProtocols().withQuantity(2) .withItems("TLSv1.1", "TLSv1.2")) .withOriginProtocolPolicy( this.getPolicy(distribution.getMethod()))))) .withPriceClass(PriceClass.PriceClass_All) .withDefaultCacheBehavior(new DefaultCacheBehavior().withTargetOriginId(originId) .withForwardedValues(new ForwardedValues().withQueryString(true) .withCookies(new CookiePreference().withForward(ItemSelection.All))) .withViewerProtocolPolicy(ViewerProtocolPolicy.AllowAll).withMinTTL(0L) .withTrustedSigners(new TrustedSigners().withEnabled(false).withQuantity(0))) .withDefaultRootObject(distribution.getIndexDocument()).withAliases(new Aliases() .withItems(distribution.getCNAMEs()).withQuantity(distribution.getCNAMEs().length)); if (distribution.isLogging()) { // Make bucket name fully qualified final String loggingTarget = ServiceUtils.generateS3HostnameForBucket( distribution.getLoggingContainer(), false, new S3Protocol().getDefaultHostname()); if (log.isDebugEnabled()) { log.debug(String.format("Set logging target for %s to %s", distribution, loggingTarget)); } config.setLogging(new LoggingConfig().withEnabled(distribution.isLogging()).withIncludeCookies(true) .withBucket(loggingTarget).withPrefix(preferences.getProperty("cloudfront.logging.prefix"))); } return client.createDistribution(new CreateDistributionRequest(config)).getDistribution(); }
From source file:com.kpbird.aws.Main.java
public void createCloudFront() { try {/*from w w w . j a v a2s . co m*/ log.Info("Create CloudFront Distribution For Download"); AmazonCloudFrontClient cloudfront = new AmazonCloudFrontClient(credentials); cloudfront.setEndpoint(endPoint); cloudfront.setRegion(region); DistributionConfig dc = new DistributionConfig(); dc.withCallerReference(System.currentTimeMillis() + ""); dc.withAliases(new Aliases().withQuantity(0)); dc.withDefaultRootObject(""); dc.withOrigins(new Origins() .withItems(new Origin().withId(cloudFrontS3Origin) .withDomainName(cloudFrontS3Origin + ".s3.amazonaws.com") .withS3OriginConfig(new S3OriginConfig().withOriginAccessIdentity(""))) .withQuantity(1)); dc.withDefaultCacheBehavior(new DefaultCacheBehavior().withTargetOriginId(cloudFrontS3Origin) .withForwardedValues(new ForwardedValues().withQueryString(false) .withCookies(new CookiePreference().withForward("none"))) .withTrustedSigners(new TrustedSigners().withQuantity(0).withEnabled(false)) .withViewerProtocolPolicy(ViewerProtocolPolicy.AllowAll).withMinTTL(cloudFrontMinTTL)); dc.withCacheBehaviors(new CacheBehaviors().withQuantity(0)); dc.withComment(cloudFrontDesc); dc.withLogging( new LoggingConfig().withEnabled(false).withBucket("").withPrefix("").withIncludeCookies(false)); dc.withEnabled(true); dc.withPriceClass(PriceClass.PriceClass_All); CreateDistributionRequest cdr = new CreateDistributionRequest().withDistributionConfig(dc); CreateDistributionResult distribution = cloudfront.createDistribution(cdr); boolean isWait = true; while (isWait) { Thread.sleep(5000); GetDistributionResult gdr = cloudfront .getDistribution(new GetDistributionRequest(distribution.getDistribution().getId())); String status = gdr.getDistribution().getStatus(); log.Info("Status :" + status); if (status.equals("Deployed")) { isWait = false; log.Info("Domain Name :" + gdr.getDistribution().getDomainName()); } } } catch (Exception e) { e.printStackTrace(); System.exit(0); } }
From source file:org.duracloud.s3task.streaming.EnableStreamingTaskRunner.java
License:Apache License
public String performTask(String taskParameters) { EnableStreamingTaskParameters taskParams = EnableStreamingTaskParameters.deserialize(taskParameters); String spaceId = taskParams.getSpaceId(); boolean secure = taskParams.isSecure(); log.info("Performing " + TASK_NAME + " task on space " + spaceId + ". Secure streaming set to " + secure); // Will throw if bucket does not exist String bucketName = unwrappedS3Provider.getBucketName(spaceId); String domainName = null;/*from w ww . j a v a 2 s . c om*/ String distId = null; String oaIdentityId = getOriginAccessId(); EnableStreamingTaskResult taskResult = new EnableStreamingTaskResult(); StreamingDistributionSummary existingDist = getExistingDistribution(bucketName); if (existingDist != null) { // There is an existing distribution // Ensure that this is not an attempt to change the security type // of this existing distribution boolean existingSecure = !existingDist.getTrustedSigners().getItems().isEmpty(); if ((secure && !existingSecure) || (!secure && existingSecure)) { throw new UnsupportedTaskException(TASK_NAME, "The space " + spaceId + " is already configured to stream as " + (secure ? "OPEN" : "SECURE") + " and cannot be updated to stream as " + (secure ? "SECURE" : "OPEN") + ". To do this, you must first execute the " + StorageTaskConstants.DELETE_STREAMING_TASK_NAME + " task."); } distId = existingDist.getId(); if (!existingDist.isEnabled()) { // Distribution is disabled, enable it setDistributionState(distId, true); } domainName = existingDist.getDomainName(); } else { // No existing distribution, need to create one S3Origin origin = new S3Origin(bucketName + S3_ORIGIN_SUFFIX, S3_ORIGIN_OAI_PREFIX + oaIdentityId); // Only include trusted signers on secure distributions TrustedSigners signers = new TrustedSigners(); if (secure) { signers.setItems(Collections.singletonList(cfAccountId)); signers.setEnabled(true); signers.setQuantity(1); } else { signers.setEnabled(false); signers.setQuantity(0); } StreamingDistribution dist = cfClient .createStreamingDistribution(new CreateStreamingDistributionRequest( new StreamingDistributionConfig().withCallerReference("" + System.currentTimeMillis()) .withS3Origin(origin).withEnabled(true) .withComment("Streaming space: " + spaceId).withTrustedSigners(signers))) .getStreamingDistribution(); domainName = dist.getDomainName(); } // Set bucket policy to accept origin access identity setBucketAccessPolicy(bucketName, oaIdentityId); // Update bucket tags to include streaming host Map<String, String> spaceProps = s3Provider.getSpaceProperties(spaceId); spaceProps.put(STREAMING_HOST_PROP, domainName); spaceProps.put(STREAMING_TYPE_PROP, secure ? STREAMING_TYPE.SECURE.name() : STREAMING_TYPE.OPEN.name()); unwrappedS3Provider.setNewSpaceProperties(spaceId, spaceProps); taskResult.setResult("Enable Streaming Task completed successfully"); // Return results taskResult.setStreamingHost(domainName); String toReturn = taskResult.serialize(); log.info("Result of " + TASK_NAME + " task: " + toReturn); return toReturn; }
From source file:org.duracloud.s3task.streaming.StreamingTaskRunnerTestBase.java
License:Apache License
/** * Used when expecting a valid distribution as a result of the * listStreamingDistributions call.// w w w . ja v a 2 s . c o m * * @param secure defines if the returned distribution is secure or open * @param listCallsExpected the number of times the call to list distributions will * be called in order to retrieve the entire list */ protected void cfClientExpectValidDistribution(AmazonCloudFrontClient cfClient, boolean secure, int listCallsExpected) { S3Origin origin = new S3Origin().withDomainName(bucketName + DeleteStreamingTaskRunner.S3_ORIGIN_SUFFIX); StreamingDistributionSummary distSummary = new StreamingDistributionSummary().withId("id") .withStatus("status").withDomainName(domainName).withEnabled(true).withS3Origin(origin); TrustedSigners trustedSigners = new TrustedSigners().withQuantity(0); if (secure) { trustedSigners = new TrustedSigners().withQuantity(1).withItems("trusted-signer-item"); } distSummary.setTrustedSigners(trustedSigners); for (int i = 0; i < listCallsExpected; i++) { boolean truncated = false; if ((listCallsExpected - i) > 1) { truncated = true; } List<StreamingDistributionSummary> distSummaries = new ArrayList(); distSummaries.add(distSummary); ListStreamingDistributionsResult distSummaryResult = new ListStreamingDistributionsResult() .withStreamingDistributionList(new StreamingDistributionList().withItems(distSummaries) .withIsTruncated(truncated).withNextMarker("marker")); EasyMock.expect( cfClient.listStreamingDistributions(EasyMock.isA(ListStreamingDistributionsRequest.class))) .andReturn(distSummaryResult); } }
From source file:org.duracloud.s3task.streaminghls.EnableHlsTaskRunner.java
License:Apache License
public String performTask(String taskParameters) { EnableStreamingTaskParameters taskParams = EnableStreamingTaskParameters.deserialize(taskParameters); String spaceId = taskParams.getSpaceId(); boolean secure = taskParams.isSecure(); List<String> allowedOrigins = taskParams.getAllowedOrigins(); log.info("Performing " + TASK_NAME + " task on space " + spaceId + ". Secure streaming set to " + secure); // Will throw if bucket does not exist String bucketName = unwrappedS3Provider.getBucketName(spaceId); String domainName = null;/* w w w. j a v a 2 s.c o m*/ String distId = null; String oaIdentityId = getOriginAccessId(); EnableStreamingTaskResult taskResult = new EnableStreamingTaskResult(); DistributionSummary existingDist = getExistingDistribution(bucketName); if (existingDist != null) { // There is an existing distribution // Ensure that this is not an attempt to change the security type // of this existing distribution boolean existingSecure = !existingDist.getDefaultCacheBehavior().getTrustedSigners().getItems() .isEmpty(); if ((secure && !existingSecure) || (!secure && existingSecure)) { throw new UnsupportedTaskException(TASK_NAME, "The space " + spaceId + " is already configured to stream as " + (secure ? "OPEN" : "SECURE") + " and cannot be updated to stream as " + (secure ? "SECURE" : "OPEN") + ". To do this, you must first execute the " + StorageTaskConstants.DELETE_HLS_TASK_NAME + " task."); } distId = existingDist.getId(); if (!existingDist.isEnabled()) { // Distribution is disabled, enable it setDistributionState(distId, true); } domainName = existingDist.getDomainName(); } else { // No existing distribution, need to create one // Create S3 Origin S3OriginConfig s3OriginConfig = new S3OriginConfig() .withOriginAccessIdentity(S3_ORIGIN_OAI_PREFIX + oaIdentityId); Origin s3Origin = new Origin().withDomainName(bucketName + S3_ORIGIN_SUFFIX) .withS3OriginConfig(s3OriginConfig).withId("S3-" + bucketName); // Only include trusted signers on secure distributions TrustedSigners signers = new TrustedSigners(); if (secure) { signers.setItems(Collections.singletonList(cfAccountId)); signers.setEnabled(true); signers.setQuantity(1); } else { signers.setEnabled(false); signers.setQuantity(0); } DefaultCacheBehavior defaultCacheBehavior = new DefaultCacheBehavior(); defaultCacheBehavior.setTrustedSigners(signers); defaultCacheBehavior.setViewerProtocolPolicy(ViewerProtocolPolicy.RedirectToHttps); // Forwarding headers to support CORS, see: // https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/header-caching.html#header-caching-web-cors defaultCacheBehavior.setAllowedMethods( new AllowedMethods().withItems(Method.GET, Method.HEAD, Method.OPTIONS).withQuantity(3)); defaultCacheBehavior.setForwardedValues(new ForwardedValues().withQueryString(false) .withCookies(new CookiePreference().withForward(ItemSelection.None)) .withHeaders(new Headers() .withItems("Origin", "Access-Control-Request-Headers", "Access-Control-Request-Method") .withQuantity(3))); // Setting other cache behaviors required by the client defaultCacheBehavior.setMinTTL(0l); defaultCacheBehavior.setTargetOriginId(s3Origin.getId()); // Create origins list Origins origins; CacheBehaviors cacheBehaviors = new CacheBehaviors(); if (secure) { // Create Origin to allow signed cookies to be set through a CloudFront call CustomOriginConfig cookiesOriginConfig = new CustomOriginConfig() .withOriginProtocolPolicy(OriginProtocolPolicy.HttpsOnly).withHTTPPort(80) .withHTTPSPort(443); String getCookiesPath = "/durastore/aux"; String cookiesOriginId = "Custom origin - " + dcHost + getCookiesPath; Origin cookiesOrigin = new Origin().withDomainName(dcHost).withOriginPath(getCookiesPath) .withId(cookiesOriginId).withCustomOriginConfig(cookiesOriginConfig); origins = new Origins().withItems(s3Origin, cookiesOrigin).withQuantity(2); // Create behavior for cookies origin CookiePreference cookiePreference = new CookiePreference().withForward(ItemSelection.All); CacheBehavior cookiesCacheBehavior = new CacheBehavior().withPathPattern("/cookies") .withTargetOriginId(cookiesOriginId) .withViewerProtocolPolicy(ViewerProtocolPolicy.RedirectToHttps) .withAllowedMethods(new AllowedMethods().withItems(Method.GET, Method.HEAD).withQuantity(2)) .withForwardedValues( new ForwardedValues().withQueryString(true).withCookies(cookiePreference)) .withTrustedSigners(new TrustedSigners().withEnabled(false).withQuantity(0)).withMinTTL(0l); cacheBehaviors = cacheBehaviors.withItems(cookiesCacheBehavior).withQuantity(1); } else { origins = new Origins().withItems(s3Origin).withQuantity(1); } // Build distribution DistributionConfig distributionConfig = new DistributionConfig() .withCallerReference("" + System.currentTimeMillis()).withOrigins(origins).withEnabled(true) .withComment("HLS streaming for space: " + spaceId) .withDefaultCacheBehavior(defaultCacheBehavior); if (secure) { distributionConfig.setCacheBehaviors(cacheBehaviors); } Distribution dist = cfClient.createDistribution(new CreateDistributionRequest(distributionConfig)) .getDistribution(); domainName = dist.getDomainName(); } // Set bucket policy to accept origin access identity setBucketAccessPolicy(bucketName, oaIdentityId); // Set CORS policy on bucket setCorsPolicy(bucketName, allowedOrigins, dcHost); // Update bucket tags to include streaming host Map<String, String> spaceProps = s3Provider.getSpaceProperties(spaceId); spaceProps.put(HLS_STREAMING_HOST_PROP, domainName); spaceProps.put(HLS_STREAMING_TYPE_PROP, secure ? STREAMING_TYPE.SECURE.name() : STREAMING_TYPE.OPEN.name()); unwrappedS3Provider.setNewSpaceProperties(spaceId, spaceProps); taskResult.setResult(TASK_NAME + " task completed successfully"); // Return results taskResult.setStreamingHost(domainName); String toReturn = taskResult.serialize(); log.info("Result of " + TASK_NAME + " task: " + toReturn); return toReturn; }
From source file:org.duracloud.s3task.streaminghls.HlsTaskRunnerTestBase.java
License:Apache License
/** * Used when expecting a valid distribution as a result of the * listDistributions call./*from w w w . j ava2 s. c o m*/ * * @param secure defines if the returned distribution is secure or open * @param listCallsExpected the number of times the call to list distributions will * be called in order to retrieve the entire list */ protected void cfClientExpectValidDistribution(AmazonCloudFrontClient cfClient, boolean secure, int listCallsExpected) { Origin s3Origin = new Origin().withDomainName(bucketName + S3_ORIGIN_SUFFIX); DistributionSummary distSummary = new DistributionSummary().withId("id").withStatus("status") .withDomainName(domainName).withEnabled(true).withOrigins(new Origins().withItems(s3Origin)); TrustedSigners trustedSigners = new TrustedSigners().withQuantity(0); if (secure) { trustedSigners = new TrustedSigners().withQuantity(1).withItems("trusted-signer-item"); } DefaultCacheBehavior defaultCacheBehavior = new DefaultCacheBehavior(); defaultCacheBehavior.setTrustedSigners(trustedSigners); distSummary.setDefaultCacheBehavior(defaultCacheBehavior); for (int i = 0; i < listCallsExpected; i++) { boolean truncated = false; if ((listCallsExpected - i) > 1) { truncated = true; } List<DistributionSummary> distSummaries = new ArrayList(); distSummaries.add(distSummary); ListDistributionsResult distSummaryResult = new ListDistributionsResult() .withDistributionList(new DistributionList().withItems(distSummaries).withIsTruncated(truncated) .withNextMarker("marker")); EasyMock.expect(cfClient.listDistributions(EasyMock.isA(ListDistributionsRequest.class))) .andReturn(distSummaryResult); } }