Skip to content

Instantly share code, notes, and snippets.

@aparrish
Created November 30, 2011 21:04
Show Gist options
  • Save aparrish/1410811 to your computer and use it in GitHub Desktop.
Save aparrish/1410811 to your computer and use it in GitHub Desktop.
make an s3 policy from a bucket name, secret key, and filename
def make_s3_policy(aws_bucket, aws_secret_key, filename, expiration_delta):
import datetime
import base64
import json
import hmac
from hashlib import sha1
expiration = (datetime.datetime.utcnow() + \
datetime.timedelta(seconds=expiration_delta)).strftime("%Y-%m-%dT%H:%M:%SZ")
policy = {
"expiration": expiration,
"conditions": [
{"key": filename},
{"bucket": aws_bucket},
{"acl": "public-read"},
{"Content-type": "image/png"},
["content-length-range", 0, 5000000]
]
}
policy = base64.b64encode(json.dumps(policy))
signed = base64.b64encode(
hmac.new(str(aws_secret_key), str(policy), sha1).digest())
return policy, signed
if __name__ == '__main__':
print make_s3_policy("foo", "barbazquux", "xyzzy.png", 300)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment