org.jets3t.service
Class CloudFrontService

java.lang.Object
  extended by org.jets3t.service.CloudFrontService
All Implemented Interfaces:
AWSRequestAuthorizer

public class CloudFrontService
extends Object
implements AWSRequestAuthorizer

A service that handles communication with the Amazon CloudFront REST API, offering all the operations that can be performed on CloudFront distributions.

This class uses properties obtained through Jets3tProperties. For more information on these properties please refer to JetS3t Configuration

Author:
James Murty

Field Summary
static String DEFAULT_BUCKET_SUFFIX
           
static String ENDPOINT
           
static String ORIGIN_ACCESS_IDENTITY_PREFIX
           
static String ORIGIN_ACCESS_IDENTITY_URI_PATH
           
static String VERSION
           
static String XML_NAMESPACE
           
 
Constructor Summary
CloudFrontService(AWSCredentials awsCredentials)
          Constructs the service with default properties.
CloudFrontService(AWSCredentials awsCredentials, String invokingApplicationDescription, org.apache.commons.httpclient.auth.CredentialsProvider credentialsProvider, Jets3tProperties jets3tProperties, org.apache.commons.httpclient.HostConfiguration hostConfig)
          Constructs the service and initialises its properties.
 
Method Summary
 void authorizeHttpRequest(org.apache.commons.httpclient.HttpMethod httpMethod)
          Sign the given HTTP method object using the AWS credentials provided by getAWSCredentials().
static String buildPolicyForSignedUrl(String resourcePath, Date epochDateLessThan, String limitToIpAddressCIDR, Date epochDateGreaterThan)
          Generate a policy document that describes custom access permissions to apply via a private distribution's signed URL.
 Distribution createDistribution(DistributionConfig config)
          Create a public or private CloudFront distribution for an S3 bucket based on a pre-configured DistributionConfig.
 Distribution createDistribution(String origin)
          Create a minimally-configured CloudFront distribution for an S3 bucket that will be publicly available once created.
 Distribution createDistribution(String origin, String callerReference, String[] cnames, String comment, boolean enabled, LoggingStatus loggingStatus)
          Create a public CloudFront distribution for an S3 bucket.
 Distribution createDistribution(String origin, String callerReference, String[] cnames, String comment, boolean enabled, LoggingStatus loggingStatus, String originAccessIdentityId, boolean trustedSignerSelf, String[] trustedSignerAwsAccountNumbers, String[] requiredProtocols)
          Create a public or private CloudFront distribution for an S3 bucket.
 OriginAccessIdentity createOriginAccessIdentity(String callerReference, String comment)
          Create a new Origin Access Identity
 StreamingDistribution createStreamingDistribution(String origin, String callerReference, String[] cnames, String comment, boolean enabled, LoggingStatus loggingStatus)
          Create a public streaming CloudFront distribution for an S3 bucket.
 StreamingDistribution createStreamingDistribution(String origin, String callerReference, String[] cnames, String comment, boolean enabled, LoggingStatus loggingStatus, String originAccessIdentityId, boolean trustedSignerSelf, String[] trustedSignerAwsAccountNumbers)
          Create a public or private streaming CloudFront distribution for an S3 bucket.
 void deleteDistribution(String id)
          Delete a disabled distribution.
 void deleteOriginAccessIdentity(String id)
          Delete an Origin Access Identity.
 void deleteStreamingDistribution(String id)
          Delete a disabled streaming distribution.
 void disableDistributionForDeletion(String id)
          Convenience method to disable a distribution that you intend to delete.
 void disableStreamingDistributionForDeletion(String id)
          Convenience method to disable a streaming distribution that you intend to delete.
 AWSCredentials getAWSCredentials()
           
 DistributionConfig getDistributionConfig(String id)
          Lookup configuration information for a standard distribution.
 Distribution getDistributionInfo(String id)
          Lookup information for a standard distribution.
 OriginAccessIdentity getOriginAccessIdentity(String id)
          Obtain the complete properties of an Origin Access Identity.
 OriginAccessIdentityConfig getOriginAccessIdentityConfig(String id)
          Obtain the configuration properties of an Origin Access Identity.
 List getOriginAccessIdentityList()
          List the Origin Access Identities in a CloudFront account.
 StreamingDistributionConfig getStreamingDistributionConfig(String id)
          Lookup configuration information for a streaming distribution.
 StreamingDistribution getStreamingDistributionInfo(String id)
          Lookup information for a streaming distribution.
 Distribution[] listDistributions()
          List all your standard CloudFront distributions.
 Distribution[] listDistributions(int pagingSize)
          List all your standard CloudFront distributions, with a given maximum number of Distribution items in each "page" of results.
 Distribution[] listDistributions(String bucketName)
          List the distributions whose origin is the given S3 bucket name.
 List listDistributionsByBucketName(boolean isStreaming, String bucketName)
          List streaming or non-stream distributions whose origin is the given S3 bucket name.
 StreamingDistribution[] listStreamingDistributions()
          List all your standard CloudFront distributions.
 StreamingDistribution[] listStreamingDistributions(int pagingSize)
          List all your streaming CloudFront distributions, with a given maximum number of Distribution items in each "page" of results.
 StreamingDistribution[] listStreamingDistributions(String bucketName)
          List the streaming distributions whose origin is the given S3 bucket name.
static String sanitizeS3BucketName(String proposedBucketName)
          Sanitizes a proposed bucket name to ensure it is fully-specified rather than merely the bucket's short name.
static String signUrl(String domainName, String s3ObjectKey, String keyPairId, byte[] derPrivateKey, String policy)
          Generate a signed URL that allows access to distribution and S3 objects by applying access restrictions specified in a custom policy document.
static String signUrlCanned(String domainName, String s3ObjectKey, String keyPairId, byte[] derPrivateKey, Date epochDateLessThan)
          Generate a signed URL that allows access to a specific distribution and S3 object by applying a access restrictions from a "canned" (simplified) policy document.
 DistributionConfig updateDistributionConfig(String id, DistributionConfig config)
          Update the configuration of an existing distribution to change its properties or public/private status.
 DistributionConfig updateDistributionConfig(String id, String[] cnames, String comment, boolean enabled, LoggingStatus loggingStatus)
          Update the configuration of an existing distribution to change its properties.
 DistributionConfig updateDistributionConfig(String id, String[] cnames, String comment, boolean enabled, LoggingStatus loggingStatus, String originAccessIdentityId, boolean trustedSignerSelf, String[] trustedSignerAwsAccountNumbers, String[] requiredProtocols)
          Update the configuration of an existing distribution to change its properties or public/private status.
 OriginAccessIdentityConfig updateOriginAccessIdentityConfig(String id, String comment)
          Update the properties of an Origin Access Identity.
 StreamingDistributionConfig updateStreamingDistributionConfig(String id, String[] cnames, String comment, boolean enabled, LoggingStatus loggingStatus)
          Update the configuration of an existing streaming distribution to change its properties.
 StreamingDistributionConfig updateStreamingDistributionConfig(String id, String[] cnames, String comment, boolean enabled, LoggingStatus loggingStatus, String originAccessIdentityId, boolean trustedSignerSelf, String[] trustedSignerAwsAccountNumbers)
          Update the configuration of an existing streaming distribution to change its properties.
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ENDPOINT

public static final String ENDPOINT
See Also:
Constant Field Values

VERSION

public static final String VERSION
See Also:
Constant Field Values

XML_NAMESPACE

public static final String XML_NAMESPACE
See Also:
Constant Field Values

DEFAULT_BUCKET_SUFFIX

public static final String DEFAULT_BUCKET_SUFFIX
See Also:
Constant Field Values

ORIGIN_ACCESS_IDENTITY_URI_PATH

public static final String ORIGIN_ACCESS_IDENTITY_URI_PATH
See Also:
Constant Field Values

ORIGIN_ACCESS_IDENTITY_PREFIX

public static final String ORIGIN_ACCESS_IDENTITY_PREFIX
See Also:
Constant Field Values
Constructor Detail

CloudFrontService

public CloudFrontService(AWSCredentials awsCredentials,
                         String invokingApplicationDescription,
                         org.apache.commons.httpclient.auth.CredentialsProvider credentialsProvider,
                         Jets3tProperties jets3tProperties,
                         org.apache.commons.httpclient.HostConfiguration hostConfig)
                  throws CloudFrontServiceException
Constructs the service and initialises its properties.

Parameters:
awsCredentials - the AWS user credentials to use when communicating with CloudFront
invokingApplicationDescription - a short description of the application using the service, suitable for inclusion in a user agent string for REST/HTTP requests. Ideally this would include the application's version number, for example: Cockpit/0.7.3 or My App Name/1.0. May be null.
credentialsProvider - an implementation of the HttpClient CredentialsProvider interface, to provide a means for prompting for credentials when necessary. May be null.
jets3tProperties - JetS3t properties that will be applied within this service. May be null.
hostConfig - Custom HTTP host configuration; e.g to register a custom Protocol Socket Factory. May be null.
Throws:
CloudFrontServiceException

CloudFrontService

public CloudFrontService(AWSCredentials awsCredentials)
                  throws CloudFrontServiceException
Constructs the service with default properties.

Parameters:
awsCredentials - the AWS user credentials to use when communicating with CloudFront
Throws:
CloudFrontServiceException
Method Detail

getAWSCredentials

public AWSCredentials getAWSCredentials()
Returns:
the AWS Credentials identifying the AWS user.

authorizeHttpRequest

public void authorizeHttpRequest(org.apache.commons.httpclient.HttpMethod httpMethod)
                          throws Exception
Sign the given HTTP method object using the AWS credentials provided by getAWSCredentials().

Specified by:
authorizeHttpRequest in interface AWSRequestAuthorizer
Parameters:
httpMethod - the request object
Throws:
Exception

listDistributions

public Distribution[] listDistributions(int pagingSize)
                                 throws CloudFrontServiceException
List all your standard CloudFront distributions, with a given maximum number of Distribution items in each "page" of results.

Parameters:
pagingSize - the maximum number of distributions the CloudFront service will return in each response message.
Returns:
a list of your distributions.
Throws:
CloudFrontServiceException

listStreamingDistributions

public StreamingDistribution[] listStreamingDistributions(int pagingSize)
                                                   throws CloudFrontServiceException
List all your streaming CloudFront distributions, with a given maximum number of Distribution items in each "page" of results.

Parameters:
pagingSize - the maximum number of distributions the CloudFront service will return in each response message.
Returns:
a list of your distributions.
Throws:
CloudFrontServiceException

listDistributions

public Distribution[] listDistributions()
                                 throws CloudFrontServiceException
List all your standard CloudFront distributions.

Returns:
a list of your distributions.
Throws:
CloudFrontServiceException

listStreamingDistributions

public StreamingDistribution[] listStreamingDistributions()
                                                   throws CloudFrontServiceException
List all your standard CloudFront distributions.

Returns:
a list of your streaming distributions.
Throws:
CloudFrontServiceException

listDistributionsByBucketName

public List listDistributionsByBucketName(boolean isStreaming,
                                          String bucketName)
                                   throws CloudFrontServiceException
List streaming or non-stream distributions whose origin is the given S3 bucket name.

Parameters:
bucketName - the name of the S3 bucket whose distributions will be returned.
Returns:
a list of distributions applied to the given S3 bucket, or an empty list if there are no such distributions.
Throws:
CloudFrontServiceException

listDistributions

public Distribution[] listDistributions(String bucketName)
                                 throws CloudFrontServiceException
List the distributions whose origin is the given S3 bucket name.

Parameters:
bucketName - the name of the S3 bucket whose distributions will be returned.
Returns:
a list of distributions applied to the given S3 bucket, or an empty list if there are no such distributions.
Throws:
CloudFrontServiceException

listStreamingDistributions

public StreamingDistribution[] listStreamingDistributions(String bucketName)
                                                   throws CloudFrontServiceException
List the streaming distributions whose origin is the given S3 bucket name.

Parameters:
bucketName - the name of the S3 bucket whose distributions will be returned.
Returns:
a list of distributions applied to the given S3 bucket, or an empty list if there are no such distributions.
Throws:
CloudFrontServiceException

createDistribution

public Distribution createDistribution(String origin,
                                       String callerReference,
                                       String[] cnames,
                                       String comment,
                                       boolean enabled,
                                       LoggingStatus loggingStatus,
                                       String originAccessIdentityId,
                                       boolean trustedSignerSelf,
                                       String[] trustedSignerAwsAccountNumbers,
                                       String[] requiredProtocols)
                                throws CloudFrontServiceException
Create a public or private CloudFront distribution for an S3 bucket.

Parameters:
origin - the Amazon S3 bucket to associate with the distribution, specified as a full S3 sub-domain path (e.g. 'jets3t.s3.amazonaws.com' for the 'jets3t' bucket)
callerReference - A user-set unique reference value that ensures the request can't be replayed (max UTF-8 encoding size 128 bytes). This parameter may be null, in which case your computer's local epoch time in milliseconds will be used.
cnames - A list of up to 10 CNAME aliases to associate with the distribution. This parameter may be a null or empty array.
comment - An optional comment to describe the distribution in your own terms (max 128 characters). May be null.
enabled - Should the distribution should be enabled and publicly accessible upon creation?
loggingStatus - Logging status settings (bucket, prefix) for the distribution. If this value is null, logging will be disabled for the distribution.
originAccessIdentityId - Identifier of the origin access identity that can authorize access to S3 objects via a private distribution. If provided the distribution will be private, if null the distribution will be be public.
trustedSignerSelf - If true the owner of the distribution (you) will be be allowed to generate signed URLs for a private distribution. Note: If either trustedSignerSelf or trustedSignerAwsAccountNumbers parameters are provided the private distribution will require signed URLs to access content.
trustedSignerAwsAccountNumbers - Account Number identifiers for AWS account holders other than the distribution's owner who will be allowed to generate signed URLs for a private distribution. If null or empty, no additional AWS account holders may generate signed URLs. Note: If either trustedSignerSelf or trustedSignerAwsAccountNumbers parameters are provided the private distribution will require signed URLs to access content.
requiredProtocols - List of protocols that must be used by clients to retrieve content from the distribution. If this value is null or is an empty array, all protocols will be supported.
Returns:
an object that describes the newly-created distribution, in particular the distribution's identifier and domain name values.
Throws:
CloudFrontServiceException

createDistribution

public Distribution createDistribution(String origin)
                                throws CloudFrontServiceException
Create a minimally-configured CloudFront distribution for an S3 bucket that will be publicly available once created.

Parameters:
origin - the Amazon S3 bucket to associate with the distribution, specified as a full S3 sub-domain path (e.g. 'jets3t.s3.amazonaws.com' for the 'jets3t' bucket)
Returns:
an object that describes the newly-created distribution, in particular the distribution's identifier and domain name values.
Throws:
CloudFrontServiceException

createDistribution

public Distribution createDistribution(String origin,
                                       String callerReference,
                                       String[] cnames,
                                       String comment,
                                       boolean enabled,
                                       LoggingStatus loggingStatus)
                                throws CloudFrontServiceException
Create a public CloudFront distribution for an S3 bucket.

Parameters:
origin - the Amazon S3 bucket to associate with the distribution, specified as a full S3 sub-domain path (e.g. 'jets3t.s3.amazonaws.com' for the 'jets3t' bucket)
callerReference - A user-set unique reference value that ensures the request can't be replayed (max UTF-8 encoding size 128 bytes). This parameter may be null, in which case your computer's local epoch time in milliseconds will be used.
cnames - A list of up to 10 CNAME aliases to associate with the distribution. This parameter may be a null or empty array.
comment - An optional comment to describe the distribution in your own terms (max 128 characters). May be null.
enabled - Should the distribution should be enabled and publicly accessible upon creation?
loggingStatus - Logging status settings (bucket, prefix) for the distribution. If this value is null, logging will be disabled for the distribution.
Returns:
an object that describes the newly-created distribution, in particular the distribution's identifier and domain name values.
Throws:
CloudFrontServiceException

createDistribution

public Distribution createDistribution(DistributionConfig config)
                                throws CloudFrontServiceException
Create a public or private CloudFront distribution for an S3 bucket based on a pre-configured DistributionConfig.

Parameters:
config - Configuration settings to apply to the distribution.
Returns:
an object that describes the newly-created distribution, in particular the distribution's identifier and domain name values.
Throws:
CloudFrontServiceException

createStreamingDistribution

public StreamingDistribution createStreamingDistribution(String origin,
                                                         String callerReference,
                                                         String[] cnames,
                                                         String comment,
                                                         boolean enabled,
                                                         LoggingStatus loggingStatus,
                                                         String originAccessIdentityId,
                                                         boolean trustedSignerSelf,
                                                         String[] trustedSignerAwsAccountNumbers)
                                                  throws CloudFrontServiceException
Create a public or private streaming CloudFront distribution for an S3 bucket.

Parameters:
origin - the Amazon S3 bucket to associate with the distribution, specified as a full S3 sub-domain path (e.g. 'jets3t.s3.amazonaws.com' for the 'jets3t' bucket)
callerReference - A user-set unique reference value that ensures the request can't be replayed (max UTF-8 encoding size 128 bytes). This parameter may be null, in which case your computer's local epoch time in milliseconds will be used.
cnames - A list of up to 10 CNAME aliases to associate with the distribution. This parameter may be a null or empty array.
comment - An optional comment to describe the distribution in your own terms (max 128 characters). May be null.
enabled - Should the distribution should be enabled and publicly accessible upon creation?
loggingStatus - Logging status settings (bucket, prefix) for the distribution. If this value is null, logging will be disabled for the distribution.
originAccessIdentityId - Identifier of the origin access identity that can authorize access to S3 objects via a private distribution. If provided the distribution will be private, if null the distribution will be be public.
trustedSignerSelf - If true the owner of the distribution (you) will be be allowed to generate signed URLs for a private distribution. Note: If either trustedSignerSelf or trustedSignerAwsAccountNumbers parameters are provided the private distribution will require signed URLs to access content.
trustedSignerAwsAccountNumbers - Account Number identifiers for AWS account holders other than the distribution's owner who will be allowed to generate signed URLs for a private distribution. If null or empty, no additional AWS account holders may generate signed URLs. Note: If either trustedSignerSelf or trustedSignerAwsAccountNumbers parameters are provided the private distribution will require signed URLs to access content.
Returns:
an object that describes the newly-created distribution, in particular the distribution's identifier and domain name values.
Throws:
CloudFrontServiceException

createStreamingDistribution

public StreamingDistribution createStreamingDistribution(String origin,
                                                         String callerReference,
                                                         String[] cnames,
                                                         String comment,
                                                         boolean enabled,
                                                         LoggingStatus loggingStatus)
                                                  throws CloudFrontServiceException
Create a public streaming CloudFront distribution for an S3 bucket.

Parameters:
origin - the Amazon S3 bucket to associate with the distribution, specified as a full S3 sub-domain path (e.g. 'jets3t.s3.amazonaws.com' for the 'jets3t' bucket)
callerReference - A user-set unique reference value that ensures the request can't be replayed (max UTF-8 encoding size 128 bytes). This parameter may be null, in which case your computer's local epoch time in milliseconds will be used.
cnames - A list of up to 10 CNAME aliases to associate with the distribution. This parameter may be a null or empty array.
comment - An optional comment to describe the distribution in your own terms (max 128 characters). May be null.
enabled - Should the distribution should be enabled and publicly accessible upon creation?
loggingStatus - Logging status settings (bucket, prefix) for the distribution. If this value is null, logging will be disabled for the distribution.
Returns:
an object that describes the newly-created distribution, in particular the distribution's identifier and domain name values.
Throws:
CloudFrontServiceException

getDistributionInfo

public Distribution getDistributionInfo(String id)
                                 throws CloudFrontServiceException
Lookup information for a standard distribution.

Parameters:
id - the distribution's unique identifier.
Returns:
an object that describes the distribution, including its identifier and domain name values as well as its configuration details.
Throws:
CloudFrontServiceException

getStreamingDistributionInfo

public StreamingDistribution getStreamingDistributionInfo(String id)
                                                   throws CloudFrontServiceException
Lookup information for a streaming distribution.

Parameters:
id - the distribution's unique identifier.
Returns:
an object that describes the distribution, including its identifier and domain name values as well as its configuration details.
Throws:
CloudFrontServiceException

getDistributionConfig

public DistributionConfig getDistributionConfig(String id)
                                         throws CloudFrontServiceException
Lookup configuration information for a standard distribution. The configuration information is a subset of the information available from the getDistributionInfo(String) method.

Parameters:
id - the distribution's unique identifier.
Returns:
an object that describes the distribution's configuration, including its origin bucket and CNAME aliases.
Throws:
CloudFrontServiceException

getStreamingDistributionConfig

public StreamingDistributionConfig getStreamingDistributionConfig(String id)
                                                           throws CloudFrontServiceException
Lookup configuration information for a streaming distribution. The configuration information is a subset of the information available from the getDistributionInfo(String) method.

Parameters:
id - the distribution's unique identifier.
Returns:
an object that describes the distribution's configuration, including its origin bucket and CNAME aliases.
Throws:
CloudFrontServiceException

updateDistributionConfig

public DistributionConfig updateDistributionConfig(String id,
                                                   String[] cnames,
                                                   String comment,
                                                   boolean enabled,
                                                   LoggingStatus loggingStatus,
                                                   String originAccessIdentityId,
                                                   boolean trustedSignerSelf,
                                                   String[] trustedSignerAwsAccountNumbers,
                                                   String[] requiredProtocols)
                                            throws CloudFrontServiceException
Update the configuration of an existing distribution to change its properties or public/private status. The new configuration properties provided replace any existing configuration, and may take some time to be fully applied.

This method performs all the steps necessary to update the configuration. It first performs lookup on the distribution using getDistributionConfig(String) to find its origin and caller reference values, then uses this information to apply your configuration changes.

Parameters:
id - the distribution's unique identifier.
cnames - A list of up to 10 CNAME aliases to associate with the distribution. This parameter may be null, in which case the original CNAME aliases are retained.
comment - An optional comment to describe the distribution in your own terms (max 128 characters). May be null, in which case the original comment is retained.
enabled - Should the distribution should be enabled and publicly accessible after the configuration update?
loggingStatus - Logging status settings (bucket, prefix) for the distribution. If this value is null, logging will be disabled for the distribution.
originAccessIdentityId - Identifier of the origin access identity that can authorize access to S3 objects via a private distribution. If provided the distribution will be private, if null the distribution will be be public.
trustedSignerSelf - If true the owner of the distribution (you) will be be allowed to generate signed URLs for a private distribution. Note: If either trustedSignerSelf or trustedSignerAwsAccountNumbers parameters are provided the private distribution will require signed URLs to access content.
trustedSignerAwsAccountNumbers - Account Number identifiers for AWS account holders other than the distribution's owner who will be allowed to generate signed URLs for a private distribution. If null or empty, no additional AWS account holders may generate signed URLs. Note: If either trustedSignerSelf or trustedSignerAwsAccountNumbers parameters are provided the private distribution will require signed URLs to access content.
requiredProtocols - List of protocols that must be used by clients to retrieve content from the distribution. If this value is null or is an empty array all protocols will be permitted.
Returns:
an object that describes the distribution's updated configuration, including its origin bucket and CNAME aliases.
Throws:
CloudFrontServiceException

updateStreamingDistributionConfig

public StreamingDistributionConfig updateStreamingDistributionConfig(String id,
                                                                     String[] cnames,
                                                                     String comment,
                                                                     boolean enabled,
                                                                     LoggingStatus loggingStatus)
                                                              throws CloudFrontServiceException
Update the configuration of an existing streaming distribution to change its properties. The new configuration properties provided replace any existing configuration, and may take some time to be fully applied.

This method performs all the steps necessary to update the configuration. It first performs lookup on the distribution using getDistributionConfig(String) to find its origin and caller reference values, then uses this information to apply your configuration changes.

Parameters:
id - the distribution's unique identifier.
cnames - A list of up to 10 CNAME aliases to associate with the distribution. This parameter may be null, in which case the original CNAME aliases are retained.
comment - An optional comment to describe the distribution in your own terms (max 128 characters). May be null, in which case the original comment is retained.
enabled - Should the distribution should be enabled and publicly accessible after the configuration update?
loggingStatus - Logging status settings (bucket, prefix) for the distribution. If this value is null, logging will be disabled for the distribution.
Returns:
an object that describes the distribution's updated configuration, including its origin bucket and CNAME aliases.
Throws:
CloudFrontServiceException

updateStreamingDistributionConfig

public StreamingDistributionConfig updateStreamingDistributionConfig(String id,
                                                                     String[] cnames,
                                                                     String comment,
                                                                     boolean enabled,
                                                                     LoggingStatus loggingStatus,
                                                                     String originAccessIdentityId,
                                                                     boolean trustedSignerSelf,
                                                                     String[] trustedSignerAwsAccountNumbers)
                                                              throws CloudFrontServiceException
Update the configuration of an existing streaming distribution to change its properties. The new configuration properties provided replace any existing configuration, and may take some time to be fully applied.

This method performs all the steps necessary to update the configuration. It first performs lookup on the distribution using getDistributionConfig(String) to find its origin and caller reference values, then uses this information to apply your configuration changes.

Parameters:
id - the distribution's unique identifier.
cnames - A list of up to 10 CNAME aliases to associate with the distribution. This parameter may be null, in which case the original CNAME aliases are retained.
comment - An optional comment to describe the distribution in your own terms (max 128 characters). May be null, in which case the original comment is retained.
enabled - Should the distribution should be enabled and publicly accessible after the configuration update?
loggingStatus - Logging status settings (bucket, prefix) for the distribution. If this value is null, logging will be disabled for the distribution.
originAccessIdentityId - Identifier of the origin access identity that can authorize access to S3 objects via a private distribution. If provided the distribution will be private, if null the distribution will be be public.
trustedSignerSelf - If true the owner of the distribution (you) will be be allowed to generate signed URLs for a private distribution. Note: If either trustedSignerSelf or trustedSignerAwsAccountNumbers parameters are provided the private distribution will require signed URLs to access content.
trustedSignerAwsAccountNumbers - Account Number identifiers for AWS account holders other than the distribution's owner who will be allowed to generate signed URLs for a private distribution. If null or empty, no additional AWS account holders may generate signed URLs. Note: If either trustedSignerSelf or trustedSignerAwsAccountNumbers parameters are provided the private distribution will require signed URLs to access content.
Returns:
an object that describes the distribution's updated configuration, including its origin bucket and CNAME aliases.
Throws:
CloudFrontServiceException

updateDistributionConfig

public DistributionConfig updateDistributionConfig(String id,
                                                   String[] cnames,
                                                   String comment,
                                                   boolean enabled,
                                                   LoggingStatus loggingStatus)
                                            throws CloudFrontServiceException
Update the configuration of an existing distribution to change its properties. If the original distribution is private this method will make it public instead. The new configuration properties provided replace any existing configuration, and may take some time to be fully applied.

This method performs all the steps necessary to update the configuration. It first performs lookup on the distribution using getDistributionConfig(String) to find its origin and caller reference values, then uses this information to apply your configuration changes.

Parameters:
id - the distribution's unique identifier.
cnames - A list of up to 10 CNAME aliases to associate with the distribution. This parameter may be null, in which case the original CNAME aliases are retained.
comment - An optional comment to describe the distribution in your own terms (max 128 characters). May be null, in which case the original comment is retained.
enabled - Should the distribution should be enabled and publicly accessible after the configuration update?
loggingStatus - Logging status settings (bucket, prefix) for the distribution. If this value is null, logging will be disabled for the distribution.
Returns:
an object that describes the distribution's updated configuration, including its origin bucket and CNAME aliases.
Throws:
CloudFrontServiceException

updateDistributionConfig

public DistributionConfig updateDistributionConfig(String id,
                                                   DistributionConfig config)
                                            throws CloudFrontServiceException
Update the configuration of an existing distribution to change its properties or public/private status. The new configuration properties provided replace any existing configuration, and may take some time to be fully applied.

This method performs all the steps necessary to update the configuration. It first performs lookup on the distribution using getDistributionConfig(String) to find its origin and caller reference values, then uses this information to apply your configuration changes.

Parameters:
id - the distribution's unique identifier.
config - Configuration properties to apply to the distribution.
Returns:
an object that describes the distribution's updated configuration, including its origin bucket and CNAME aliases.
Throws:
CloudFrontServiceException

disableDistributionForDeletion

public void disableDistributionForDeletion(String id)
                                    throws CloudFrontServiceException
Convenience method to disable a distribution that you intend to delete. This method merely calls the updateDistributionConfig(String, String[], String, boolean, LoggingStatus) method with default values for most of the distribution's configuration settings.

Warning: Do not use this method on distributions you intend to keep, because it will reset most of the distribution's configuration settings such as CNAMEs and logging status.

Parameters:
id - the distribution's unique identifier.
Throws:
CloudFrontServiceException

disableStreamingDistributionForDeletion

public void disableStreamingDistributionForDeletion(String id)
                                             throws CloudFrontServiceException
Convenience method to disable a streaming distribution that you intend to delete. This method merely calls the updateStreamingDistributionConfig(String, String[], String, boolean, LoggingStatus) method with default values for most of the distribution's configuration settings.

Warning: Do not use this method on distributions you intend to keep, because it will reset most of the distribution's configuration settings such as CNAMEs and logging status.

Parameters:
id - the distribution's unique identifier.
Throws:
CloudFrontServiceException

deleteDistribution

public void deleteDistribution(String id)
                        throws CloudFrontServiceException
Delete a disabled distribution. You can only delete a distribution that is already disabled, if you delete an enabled distribution this operation will fail with a DistributionNotDisabled error.

This method performs many of the steps necessary to delete a disabled distribution. It first performs lookup on the distribution using getDistributionConfig(String) to find its ETag value, then uses this information to delete the distribution.

Because it can take a long time (minutes) to disable a distribution, this task is not performed automatically by this method. In your own code, you need to verify that a distribution is disabled with a status of Deployed before you invoke this method.

Parameters:
id - the distribution's unique identifier.
Throws:
CloudFrontServiceException

deleteStreamingDistribution

public void deleteStreamingDistribution(String id)
                                 throws CloudFrontServiceException
Delete a disabled streaming distribution. You can only delete a distribution that is already disabled, if you delete an enabled distribution this operation will fail with a DistributionNotDisabled error.

This method performs many of the steps necessary to delete a disabled distribution. It first performs lookup on the distribution using getDistributionConfig(String) to find its ETag value, then uses this information to delete the distribution.

Because it can take a long time (minutes) to disable a distribution, this task is not performed automatically by this method. In your own code, you need to verify that a distribution is disabled with a status of Deployed before you invoke this method.

Parameters:
id - the distribution's unique identifier.
Throws:
CloudFrontServiceException

createOriginAccessIdentity

public OriginAccessIdentity createOriginAccessIdentity(String callerReference,
                                                       String comment)
                                                throws CloudFrontServiceException
Create a new Origin Access Identity

Parameters:
callerReference - A user-set unique reference value that ensures the request can't be replayed (max UTF-8 encoding size 128 bytes). This parameter may be null, in which case your computer's local epoch time in milliseconds will be used.
comment - An optional comment to describe the identity (max 128 characters). May be null.
Returns:
The origin access identity's properties.
Throws:
CloudFrontServiceException

getOriginAccessIdentityList

public List getOriginAccessIdentityList()
                                 throws CloudFrontServiceException
List the Origin Access Identities in a CloudFront account.

Returns:
List of OriginAccessIdentity objects describing the identities.
Throws:
CloudFrontServiceException

getOriginAccessIdentity

public OriginAccessIdentity getOriginAccessIdentity(String id)
                                             throws CloudFrontServiceException
Obtain the complete properties of an Origin Access Identity.

Parameters:
id - The identifier of the Origin Access Identity.
Returns:
The origin access identity's properties.
Throws:
CloudFrontServiceException

getOriginAccessIdentityConfig

public OriginAccessIdentityConfig getOriginAccessIdentityConfig(String id)
                                                         throws CloudFrontServiceException
Obtain the configuration properties of an Origin Access Identity.

Parameters:
id - The identifier of the Origin Access Identity.
Returns:
The origin access identity's configuration properties.
Throws:
CloudFrontServiceException

updateOriginAccessIdentityConfig

public OriginAccessIdentityConfig updateOriginAccessIdentityConfig(String id,
                                                                   String comment)
                                                            throws CloudFrontServiceException
Update the properties of an Origin Access Identity.

Parameters:
id - The identifier of the Origin Access Identity.
comment - A new comment to apply to the identity.
Returns:
The origin access identity's configuration properties.
Throws:
CloudFrontServiceException

deleteOriginAccessIdentity

public void deleteOriginAccessIdentity(String id)
                                throws CloudFrontServiceException
Delete an Origin Access Identity.

Parameters:
id - The identifier of the Origin Access Identity.
Throws:
CloudFrontServiceException

sanitizeS3BucketName

public static String sanitizeS3BucketName(String proposedBucketName)
Sanitizes a proposed bucket name to ensure it is fully-specified rather than merely the bucket's short name. A fully specified bucket name looks like "jets3t.s3.amazonaws.com".

Parameters:
proposedBucketName - the proposed S3 bucket name that will be sanitized.
Returns:
the bucket name with the DEFAULT_BUCKET_SUFFIX added, if necessary.

buildPolicyForSignedUrl

public static String buildPolicyForSignedUrl(String resourcePath,
                                             Date epochDateLessThan,
                                             String limitToIpAddressCIDR,
                                             Date epochDateGreaterThan)
                                      throws CloudFrontServiceException
Generate a policy document that describes custom access permissions to apply via a private distribution's signed URL.

Parameters:
resourcePath - An optional resource path that restricts which distribution and S3 objects will be accessible in a signed URL. The '*' and '?' characters can be used as a wildcards to allow multi-character or single-character matches respectively:
  • * : All distributions/objects will be accessible
  • a1b2c3d4e5f6g7.cloudfront.net/* : All objects within the distribution a1b2c3d4e5f6g7 will be accessible
  • a1b2c3d4e5f6g7.cloudfront.net/path/to/object.txt : Only the S3 object named path/to/object.txt in the distribution a1b2c3d4e5f6g7 will be accessible.
If this parameter is null the policy will permit access to all distributions and S3 objects associated with the certificate keypair used to generate the signed URL.
epochDateLessThan - The time and date when the signed URL will expire. REQUIRED.
limitToIpAddressCIDR - An optional range of client IP addresses that will be allowed to access the distribution, specified as a CIDR range. If null, the CIDR will be 0.0.0.0/0 and any client will be permitted.
epochDateGreaterThan - An optional time and date when the signed URL will become active. If null, the signed URL will be active as soon as it is created.
Returns:
A policy document describing the access permission to apply when generating a signed URL.
Throws:
CloudFrontServiceException

signUrl

public static String signUrl(String domainName,
                             String s3ObjectKey,
                             String keyPairId,
                             byte[] derPrivateKey,
                             String policy)
                      throws CloudFrontServiceException
Generate a signed URL that allows access to distribution and S3 objects by applying access restrictions specified in a custom policy document.

Parameters:
domainName - The distribution's domain name, e.g. a1b2c3d4e5f6g7.cloudfront.net/path/to/object.txt
s3ObjectKey - Key name of the S3 object that will be made accessible through the signed URL.
keyPairId - Identifier of a public/private certificate keypair already configured in your Amazon Web Services account.
derPrivateKey - The RSA private key data that corresponding to the certificate keypair identified by keyPairId, in DER format. To convert a standard PEM private key file into this format use the utility method EncryptionUtil.convertRsaPemToDer(java.io.InputStream)
policy - A policy document that describes the access permissions that will be applied by the signed URL. To generate a custom policy use buildPolicyForSignedUrl(String, Date, String, Date).
Returns:
A signed URL that will permit access to distribution and S3 objects as specified in the policy document.
Throws:
CloudFrontServiceException

signUrlCanned

public static String signUrlCanned(String domainName,
                                   String s3ObjectKey,
                                   String keyPairId,
                                   byte[] derPrivateKey,
                                   Date epochDateLessThan)
                            throws CloudFrontServiceException
Generate a signed URL that allows access to a specific distribution and S3 object by applying a access restrictions from a "canned" (simplified) policy document.

Parameters:
domainName - The distribution's domain name, e.g. a1b2c3d4e5f6g7.cloudfront.net/path/to/object.txt
s3ObjectKey - Key name of the S3 object that will be made accessible through the signed URL.
keyPairId - Identifier of a public/private certificate keypair already configured in your Amazon Web Services account.
derPrivateKey - The RSA private key data that corresponding to the certificate keypair identified by keyPairId, in DER format. To convert a standard PEM private key file into this format use the utility method EncryptionUtil.convertRsaPemToDer(java.io.InputStream)
epochDateLessThan - The time and date when the signed URL will expire. REQUIRED.
Returns:
A signed URL that will permit access to a specific distribution and S3 object.
Throws:
CloudFrontServiceException