kjs3/gist:408311

## gistfile1.builder
require 'right_aws.rb'

@amz_public_key = 'myaccesskey'      # S3 Public key
@amz_private_key = 'mysecretaccesskey'      # S3 Private key

# You need to create a key/pair to do much of anything with aws.  You can do this by going to
# http://aws-portal.amazon.com/gp/aws/developer/account/index.html?action=access-key and clicking
# on the Key Pairs tab

@key_id = 'keyID'              # Key ID from AWS (not the EC2 key/pairs)
@pem_file = 'pk-pemfile.pem'            # Location of pem file associated with @key_id

@private_bucket = 'bucketname'     # If you're using a public bucket things are simpler

@acf = RightAws::AcfInterface.new(@amz_public_key, @amz_private_key)
@s3 = RightAws::S3Interface.new(@amz_public_key, @amz_private_key)

# ====================================================================================
# == Create a Private Streaming Distribution with access rights to a private bucket ==
# ====================================================================================


# origin access identities are tied to distributions.  You need to grant them
# rights to the bucket - which we'll show you how to do
@s3_streaming_con_user_id   # we'll get this after creating a distro

def create_private_streaming_distribution(bucket = @private_bucket)
  # see doc in create_distribution_by_config for explanation of enhanced_seek
  # we'll have this auto generate a origin access identity
  config = {:origin => "#{bucket}.s3.amazonaws.com", :comment => "New private streaming distribution",
                       :streaming => true,
                       :enhanced_seek => true,
                       :enhanced_seek_zone => "server",
                       :auto_generate_origin_access_identity => true,
                       :trusted_signers => { :self => true }}
  res = @acf.create_distribution_by_config(config)
  oid = @acf.get_origin_access_identity(res[:origin_access_identity])
  @s3_streaming_con_user_id = oid[:s3_canonical_user_id]
  puts @s3_streaming_con_user_id

  #grant permissions for your distribution to the S3 bucket
  #grant_permissions(@s3_streaming_con_user_id, "Full permissions for #{res[:aws_id]}")
  grant_permissions

  return res[:aws_id]    # you'll need this to change the config of the distribution - you can also look this up on Amazon's Distribution console
end

def grant_permissions(bucket = @private_bucket, s3_con_user_id = @s3_streaming_con_user_id)
  res = @s3.add_s3canonical_grantee_to_bucket_and_objects(bucket, s3_con_user_id, "FULL_CONTROL", "Perms for #{s3_con_user_id}")
  puts res.to_yaml
end

# creating distribution and granting permissions
create_private_streaming_distribution
	require 'right_aws.rb'

	@amz_public_key = 'myaccesskey' # S3 Public key
	@amz_private_key = 'mysecretaccesskey' # S3 Private key

	# You need to create a key/pair to do much of anything with aws. You can do this by going to
	# http://aws-portal.amazon.com/gp/aws/developer/account/index.html?action=access-key and clicking
	# on the Key Pairs tab

	@key_id = 'keyID' # Key ID from AWS (not the EC2 key/pairs)
	@pem_file = 'pk-pemfile.pem' # Location of pem file associated with @key_id

	@private_bucket = 'bucketname' # If you're using a public bucket things are simpler

	@acf = RightAws::AcfInterface.new(@amz_public_key, @amz_private_key)
	@s3 = RightAws::S3Interface.new(@amz_public_key, @amz_private_key)

	# ====================================================================================
	# == Create a Private Streaming Distribution with access rights to a private bucket ==
	# ====================================================================================


	# origin access identities are tied to distributions. You need to grant them
	# rights to the bucket - which we'll show you how to do
	@s3_streaming_con_user_id # we'll get this after creating a distro

	def create_private_streaming_distribution(bucket = @private_bucket)
	# see doc in create_distribution_by_config for explanation of enhanced_seek
	# we'll have this auto generate a origin access identity
	config = {:origin => "#{bucket}.s3.amazonaws.com", :comment => "New private streaming distribution",
	:streaming => true,
	:enhanced_seek => true,
	:enhanced_seek_zone => "server",
	:auto_generate_origin_access_identity => true,
	:trusted_signers => { :self => true }}
	res = @acf.create_distribution_by_config(config)
	oid = @acf.get_origin_access_identity(res[:origin_access_identity])
	@s3_streaming_con_user_id = oid[:s3_canonical_user_id]
	puts @s3_streaming_con_user_id

	#grant permissions for your distribution to the S3 bucket
	#grant_permissions(@s3_streaming_con_user_id, "Full permissions for #{res[:aws_id]}")
	grant_permissions

	return res[:aws_id] # you'll need this to change the config of the distribution - you can also look this up on Amazon's Distribution console
	end

	def grant_permissions(bucket = @private_bucket, s3_con_user_id = @s3_streaming_con_user_id)
	res = @s3.add_s3canonical_grantee_to_bucket_and_objects(bucket, s3_con_user_id, "FULL_CONTROL", "Perms for #{s3_con_user_id}")
	puts res.to_yaml
	end

	# creating distribution and granting permissions
	create_private_streaming_distribution