Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Ruby gem for signing AWS Cloudfront URLs for serving private content

branch: master
README.md

aws_cf_signer

Small gem for signing AWS CloudFront URLs given a AWS key_pair_id and pem file. Read more here: http://docs.amazonwebservices.com/AmazonCloudFront/latest/DeveloperGuide/index.html?PrivateContent.html

Installation

In your Gemfile.

gem 'aws_cf_signer'

Or on your system.

gem install aws_cf_signer

Usage

# Pass in path to the private CloudFront key from AWS
signer = AwsCfSigner.new('/path/to/my/pk-1234567890.pem')

# If the key filename doesn't contain the key_pair_id (as it usually does from AWS), pass that in as the second arg
signer = AwsCfSigner.new('/path/to/my/private-key.pem', '1234567890')

# expiration date is required
# See Example Canned Policy at above AWS doc link
url = signer.sign('http://d604721fxaaqy9.cloudfront.net/horizon.jpg?large=yes&license=yes', :ending => 'Sat, 14 Nov 2009 22:20:00 GMT')

# You can also use a Time object
url = signer.sign('http://d604721fxaaqy9.cloudfront.net/horizon.jpg?large=yes&license=yes', :ending => Time.now + 3600)

# Custom Policies

# See Example Custom Policy 1 at above AWS doc link
url = signer.sign('http://d604721fxaaqy9.cloudfront.net/training/orientation.avi',
  :ending   => 'Sat, 14 Nov 2009 22:20:00 GMT',
  :resource => 'http://d604721fxaaqy9.cloudfront.net/training/*',
  :ip_range => '145.168.143.0/24'
)

# See Example Custom Policy 2 at above AWS doc link
url = signer.sign('http://d84l721fxaaqy9.cloudfront.net/downloads/pictures.tgz',
  :starting => 'Thu, 30 Apr 2009 06:43:10 GMT',
  :ending   => 'Fri, 16 Oct 2009 06:31:56 GMT',
  :resource => 'http://*',
  :ip_range => '216.98.35.1/32'
)

# You can also pass in a path to a policy file
# This will supersede any other policy options
url = signer.sign('http://d84l721fxaaqy9.cloudfront.net/downloads/pictures.tgz',
  :policy_file => '/path/to/policy/file.txt'
)

See the test/test_aws_cf_signer.rb file for more examples.

Note on Patches/Pull Requests

  • Fork the project.
  • Make your feature addition or bug fix.
  • Add tests for it. This is important so I don't break it in a future version unintentionally.
  • Commit, do not mess with rakefile, version, or history. (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)
  • Send me a pull request. Bonus points for topic branches.

Attributions

Parts of signing code taken from a question on Stack Overflow asked by Ben Wiseley, and answered by Blaz Lipuscek and Manual M:

License

aws_cf_signer is distributed under the MIT License, copyright © 2010 STL, Dylan Vaughn

Something went wrong with that request. Please try again.