Skip to content

Instantly share code, notes, and snippets.

@kjs3 kjs3/gist:408311
Created May 21, 2010

Embed
What would you like to do?
require 'right_aws.rb'
@amz_public_key = 'myaccesskey' # S3 Public key
@amz_private_key = 'mysecretaccesskey' # S3 Private key
# You need to create a key/pair to do much of anything with aws. You can do this by going to
# http://aws-portal.amazon.com/gp/aws/developer/account/index.html?action=access-key and clicking
# on the Key Pairs tab
@key_id = 'keyID' # Key ID from AWS (not the EC2 key/pairs)
@pem_file = 'pk-pemfile.pem' # Location of pem file associated with @key_id
@private_bucket = 'bucketname' # If you're using a public bucket things are simpler
@acf = RightAws::AcfInterface.new(@amz_public_key, @amz_private_key)
@s3 = RightAws::S3Interface.new(@amz_public_key, @amz_private_key)
# ====================================================================================
# == Create a Private Streaming Distribution with access rights to a private bucket ==
# ====================================================================================
# origin access identities are tied to distributions. You need to grant them
# rights to the bucket - which we'll show you how to do
@s3_streaming_con_user_id # we'll get this after creating a distro
def create_private_streaming_distribution(bucket = @private_bucket)
# see doc in create_distribution_by_config for explanation of enhanced_seek
# we'll have this auto generate a origin access identity
config = {:origin => "#{bucket}.s3.amazonaws.com", :comment => "New private streaming distribution",
:streaming => true,
:enhanced_seek => true,
:enhanced_seek_zone => "server",
:auto_generate_origin_access_identity => true,
:trusted_signers => { :self => true }}
res = @acf.create_distribution_by_config(config)
oid = @acf.get_origin_access_identity(res[:origin_access_identity])
@s3_streaming_con_user_id = oid[:s3_canonical_user_id]
puts @s3_streaming_con_user_id
#grant permissions for your distribution to the S3 bucket
#grant_permissions(@s3_streaming_con_user_id, "Full permissions for #{res[:aws_id]}")
grant_permissions
return res[:aws_id] # you'll need this to change the config of the distribution - you can also look this up on Amazon's Distribution console
end
def grant_permissions(bucket = @private_bucket, s3_con_user_id = @s3_streaming_con_user_id)
res = @s3.add_s3canonical_grantee_to_bucket_and_objects(bucket, s3_con_user_id, "FULL_CONTROL", "Perms for #{s3_con_user_id}")
puts res.to_yaml
end
# creating distribution and granting permissions
create_private_streaming_distribution
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.