Jump to content
Fórum Script Brasil
  • 0

Como obter um objeto privado para balde usando o cloudfront?


Matheus Silva

Question

O URL é gerado normalmente, mas retorna o ''error 403, access is denied''

 

$cloudFront = new Aws\CloudFront\CloudFrontClient([
    'region'  => 'us-west-2',
    'version' => '2014-11-06'
]);


// Create a signed URL for the resource using the canned policy
$streamHostUrl = 'http://example-distribution.cloudfront.net';
$resourceKey = 'videos/example.mp4';
$expires = time() + 300;

$signedUrlCannedPolicy = $cloudFront->getSignedUrl([
    'url'         => $streamHostUrl . '/' . $resourceKey,
    'expires'     => $expires,
    'private_key' => '/path/to/your/cloudfront-private-key.pem',
    'key_pair_id' => '<cloudfront key pair id>'
]);

Ou

$customPolicy = <<<POLICY
{
  "Statement": [
  {
    "Resource": "{$resourceKey}",
    "Condition": {
      "IpAddress": {"AWS:SourceIp": "{$_SERVER['REMOTE_ADDR']}/32"},
      "DateLessThan": {"AWS:EpochTime": {$expires}}
    }
  }
  ]
}
POLICY;

$signedUrlCustomPolicy = $cloudFront->getSignedUrl([
  'url'    => $streamHostUrl . '/' . $resourceKey,
  'policy' => $customPolicy,
  'private_key' => 'cloudfront-private-key.pem',
  'key_pair_id' => 'APKAIOC51117353UZVD4EHA'
  ]);

Nas políticas do meu balde já coloquei:

{
  "Version": "2008-10-17",
  "Id": "PolicyForCloudFrontPrivateContent",
  "Statement": [
  {
    "Sid": "1",
    "Effect": "Allow",
    "Principal": {
      "AWS": "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity E2SR5AFDLD7B7P"
    },
    "Action": "s3:GetObject",
    "Resource": "arn:aws:s3:::darpi.enterprises/*"
  }
  ]
}

Em ambas as maneiras gera URL, mas não consigo obter o arquivo. Alguma informação que possa me ajudar? Ficarei muito agradecido.

Link to comment
Share on other sites

0 answers to this question

Recommended Posts

There have been no answers to this question yet

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



  • Forum Statistics

    • Total Topics
      152.1k
    • Total Posts
      652k
×
×
  • Create New...