Small gem for signing AWS CloudFront URLs given a AWS key_pair_id and pem file. Read more here:
gem install aws_cf_signer
# Pass in path to the private CloudFront key from AWS signer = AwsCfSigner.new('/path/to/my/pk-1234567890.pem') # If the key filename doesn't contain the key_pair_id (as it usually does from AWS), pass that in as the second arg signer = AwsCfSigner.new('/path/to/my/private-key.pem', '1234567890') # expiration date is required # See Example Canned Policy at above AWS doc link url = signer.sign('http://d604721fxaaqy9.cloudfront.net/horizon.jpg?large=yes&license=yes', :ending => 'Sat, 14 Nov 2009 22:20:00 GMT') # You can also use a Time object url = signer.sign('http://d604721fxaaqy9.cloudfront.net/horizon.jpg?large=yes&license=yes', :ending => Time.now + 3600) # Custom Policies # See Example Custom Policy 1 at above AWS doc link url = signer.sign('http://d604721fxaaqy9.cloudfront.net/training/orientation.avi', :ending => 'Sat, 14 Nov 2009 22:20:00 GMT', :resource => 'http://d604721fxaaqy9.cloudfront.net/training/*', :ip_range => '145.168.143.0/24' ) # See Example Custom Policy 2 at above AWS doc link url = signer.sign('http://d84l721fxaaqy9.cloudfront.net/downloads/pictures.tgz', :starting => 'Thu, 30 Apr 2009 06:43:10 GMT', :ending => 'Fri, 16 Oct 2009 06:31:56 GMT', :resource => 'http://*', :ip_range => '216.98.35.1/32' ) # You can also pass in a path to a policy file # This will supersede any other policy options url = signer.sign('http://d84l721fxaaqy9.cloudfront.net/downloads/pictures.tgz', :policy_file => '/path/to/policy/file.txt')
See the test/test_aws_cf_signer.rb file for more examples.
-
Fork the project.
-
Make your feature addition or bug fix.
-
Add tests for it. This is important so I don’t break it in a future version unintentionally.
-
Commit, do not mess with rakefile, version, or history. (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)
-
Send me a pull request. Bonus points for topic branches.
Parts of signing code taken from a question on Stack Overflow asked by Ben Wiseley, and answered by Blaz Lipuscek and Manual M:
aws_cf_signer is distributed under the MIT License, copyright © 2010 STL