|CFlong| Streaming Example

# Amazon CloudFront examples using the Amazon SDK for PHP Version 3 Amazon CloudFront is an Amazon web service that speeds up serving static and dynamic web content from your own web server or an Amazon server, such as Amazon S3. CloudFront delivers content through a worldwide network of data centers called edge locations. When a user requests content that you’re distributing with CloudFront, they’re routed to the edge location that provides the lowest latency. If the content isn’t cached there already, CloudFront retrieves a copy from the origin server, serves it, and then caches it for future requests. For more information about CloudFront, see the [Amazon CloudFront Developer Guide](https://docs.amazonaws.cn/AmazonCloudFront/latest/DeveloperGuide/). All the example code for the Amazon SDK for PHP Version 3 is available [here on GitHub](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/php/example_code). # Managing Amazon CloudFront distributions using the CloudFront API and the Amazon SDK for PHP Version 3 Amazon CloudFront caches content in worldwide edge locations to speed up distribution of static and dynamic files that you store on your own server, or on an Amazon service like Amazon S3 and Amazon EC2. When users request content from your website, CloudFront serves it from the closest edge location, if the file is cached there. Otherwise CloudFront retrieves a copy of the file, serves it, and then caches it for the next request. Caching content at an edge location reduces the latency of similar user requests in that area. For each CloudFront distribution that you create, you specify where the content is located and how to distribute it when users make requests. This topic focuses on distributions for static and dynamic files such as HTML, CSS, JSON, and image files. F or information about using CloudFront with video on demand, see [On-Demand and Live Streaming Video with CloudFront](https://docs.amazonaws.cn/AmazonCloudFront/latest/DeveloperGuide/on-demand-streaming-video.html). The following examples show how to: + Create a distribution using [CreateDistribution](https://docs.amazonaws.cn/aws-sdk-php/v3/api/api-cloudfront-2018-11-05.html#createdistribution). + Get a distribution using [GetDistribution](https://docs.amazonaws.cn/aws-sdk-php/v3/api/api-cloudfront-2018-11-05.html#getdistribution). + List distributions using [ListDistributions](https://docs.amazonaws.cn/aws-sdk-php/v3/api/api-cloudfront-2018-11-05.html#listdistributions). + Update distributions using [UpdateDistributions](https://docs.amazonaws.cn/aws-sdk-php/v3/api/api-cloudfront-2018-11-05.html#updatedistribution). + Disable distributions using [DisableDistribution](https://docs.amazonaws.cn/aws-sdk-php/v3/api/api-cloudfront-2018-11-05.html#disabledistribution). + Delete distributions using [DeleteDistributions](https://docs.amazonaws.cn/aws-sdk-php/v3/api/api-cloudfront-2018-11-05.html#deletedistribution). All the example code for the Amazon SDK for PHP is available [here on GitHub](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/php/example_code). ## Credentials Before running the example code, configure your Amazon credentials, as described in [Authenticating with Amazon using Amazon SDK for PHP Version 3](credentials.md). Then import the Amazon SDK for PHP, as described in [Installing the Amazon SDK for PHP Version 3](getting-started_installation.md). For more information about using Amazon CloudFront, see the [Amazon CloudFront Developer Guide](https://docs.amazonaws.cn/AmazonCloudFront/latest/DeveloperGuide/). ## Create a CloudFront distribution Create a distribution from an Amazon S3 bucket. In the following example, optional parameters are commented out, but default values are displayed. To add customizations to your distribution, uncomment both the value and the parameter inside `$distribution`. To create a CloudFront distribution, use the [CreateDistribution](https://docs.amazonaws.cn/cloudfront/latest/APIReference/API_CreateDistribution.html) operation. **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; ``` **Sample Code** ``` function createS3Distribution($cloudFrontClient, $distribution) { try { $result = $cloudFrontClient->createDistribution([ 'DistributionConfig' => $distribution ]); $message = ''; if (isset($result['Distribution']['Id'])) { $message = 'Distribution created with the ID of ' . $result['Distribution']['Id']; } $message .= ' and an effective URI of ' . $result['@metadata']['effectiveUri'] . '.'; return $message; } catch (AwsException $e) { return 'Error: ' . $e['message']; } } function createsTheS3Distribution() { $originName = 'my-unique-origin-name'; $s3BucketURL = 'amzn-s3-demo-bucket.s3.amazonaws.com'; $callerReference = 'my-unique-caller-reference'; $comment = 'my-comment-about-this-distribution'; $defaultCacheBehavior = [ 'AllowedMethods' => [ 'CachedMethods' => [ 'Items' => ['HEAD', 'GET'], 'Quantity' => 2 ], 'Items' => ['HEAD', 'GET'], 'Quantity' => 2 ], 'Compress' => false, 'DefaultTTL' => 0, 'FieldLevelEncryptionId' => '', 'ForwardedValues' => [ 'Cookies' => [ 'Forward' => 'none' ], 'Headers' => [ 'Quantity' => 0 ], 'QueryString' => false, 'QueryStringCacheKeys' => [ 'Quantity' => 0 ] ], 'LambdaFunctionAssociations' => ['Quantity' => 0], 'MaxTTL' => 0, 'MinTTL' => 0, 'SmoothStreaming' => false, 'TargetOriginId' => $originName, 'TrustedSigners' => [ 'Enabled' => false, 'Quantity' => 0 ], 'ViewerProtocolPolicy' => 'allow-all' ]; $enabled = false; $origin = [ 'Items' => [ [ 'DomainName' => $s3BucketURL, 'Id' => $originName, 'OriginPath' => '', 'CustomHeaders' => ['Quantity' => 0], 'S3OriginConfig' => ['OriginAccessIdentity' => ''] ] ], 'Quantity' => 1 ]; $distribution = [ 'CallerReference' => $callerReference, 'Comment' => $comment, 'DefaultCacheBehavior' => $defaultCacheBehavior, 'Enabled' => $enabled, 'Origins' => $origin ]; $cloudFrontClient = new Aws\CloudFront\CloudFrontClient([ 'profile' => 'default', 'version' => '2018-06-18', 'region' => 'us-east-1' ]); echo createS3Distribution($cloudFrontClient, $distribution); } // Uncomment the following line to run this code in an AWS account. // createsTheS3Distribution(); ``` ## Retrieve a CloudFront distribution To retrieve the status and details of a specified CloudFront distribution, use the [GetDistribution](https://docs.amazonaws.cn/cloudfront/latest/APIReference/API_GetDistribution.html) operation. **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; ``` **Sample Code** ``` function getDistribution($cloudFrontClient, $distributionId) { try { $result = $cloudFrontClient->getDistribution([ 'Id' => $distributionId ]); $message = ''; if (isset($result['Distribution']['Status'])) { $message = 'The status of the distribution with the ID of ' . $result['Distribution']['Id'] . ' is currently ' . $result['Distribution']['Status']; } if (isset($result['@metadata']['effectiveUri'])) { $message .= ', and the effective URI is ' . $result['@metadata']['effectiveUri'] . '.'; } else { $message = 'Error: Could not get the specified distribution. ' . 'The distribution\'s status is not available.'; } return $message; } catch (AwsException $e) { return 'Error: ' . $e->getAwsErrorMessage(); } } function getsADistribution() { $distributionId = 'E1BTGP2EXAMPLE'; $cloudFrontClient = new Aws\CloudFront\CloudFrontClient([ 'profile' => 'default', 'version' => '2018-06-18', 'region' => 'us-east-1' ]); echo getDistribution($cloudFrontClient, $distributionId); } // Uncomment the following line to run this code in an AWS account. // getsADistribution(); ``` ## List CloudFront distributions Get a list of existing CloudFront distributions in the specified Amazon Region from your current account using the [ListDistributions](https://docs.amazonaws.cn/cloudfront/latest/APIReference/API_ListDistributions.html) operation. **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; ``` **Sample Code** ``` function listDistributions($cloudFrontClient) { try { $result = $cloudFrontClient->listDistributions([]); return $result; } catch (AwsException $e) { exit('Error: ' . $e->getAwsErrorMessage()); } } function listTheDistributions() { $cloudFrontClient = new Aws\CloudFront\CloudFrontClient([ 'profile' => 'default', 'version' => '2018-06-18', 'region' => 'us-east-2' ]); $distributions = listDistributions($cloudFrontClient); if (count($distributions) == 0) { echo 'Could not find any distributions.'; } else { foreach ($distributions['DistributionList']['Items'] as $distribution) { echo 'The distribution with the ID of ' . $distribution['Id'] . ' has the status of ' . $distribution['Status'] . '.' . "\n"; } } } // Uncomment the following line to run this code in an AWS account. // listTheDistributions(); ``` ## Update a CloudFront distribution Updating a CloudFront distribution is similar to creating a distribution. However, when you update a distribution, more fields are required and all values must be included. To make changes to an existing distribution, we recommend that you first retrieve the existing distribution, and update the values you want to change in the `$distribution` array. To update a specified CloudFront distribution, use the [UpdateDistribution](https://docs.amazonaws.cn/cloudfront/latest/APIReference/API_UpdateDistribution.html) operation. **Imports** ``` require 'vendor/autoload.php'; use Aws\CloudFront\CloudFrontClient; use Aws\Exception\AwsException; ``` **Sample Code** ``` function updateDistribution( $cloudFrontClient, $distributionId, $distributionConfig, $eTag ) { try { $result = $cloudFrontClient->updateDistribution([ 'DistributionConfig' => $distributionConfig, 'Id' => $distributionId, 'IfMatch' => $eTag ]); return 'The distribution with the following effective URI has ' . 'been updated: ' . $result['@metadata']['effectiveUri']; } catch (AwsException $e) { return 'Error: ' . $e->getAwsErrorMessage(); } } function getDistributionConfig($cloudFrontClient, $distributionId) { try { $result = $cloudFrontClient->getDistribution([ 'Id' => $distributionId, ]); if (isset($result['Distribution']['DistributionConfig'])) { return [ 'DistributionConfig' => $result['Distribution']['DistributionConfig'], 'effectiveUri' => $result['@metadata']['effectiveUri'] ]; } else { return [ 'Error' => 'Error: Cannot find distribution configuration details.', 'effectiveUri' => $result['@metadata']['effectiveUri'] ]; } } catch (AwsException $e) { return [ 'Error' => 'Error: ' . $e->getAwsErrorMessage() ]; } } function getDistributionETag($cloudFrontClient, $distributionId) { try { $result = $cloudFrontClient->getDistribution([ 'Id' => $distributionId, ]); if (isset($result['ETag'])) { return [ 'ETag' => $result['ETag'], 'effectiveUri' => $result['@metadata']['effectiveUri'] ]; } else { return [ 'Error' => 'Error: Cannot find distribution ETag header value.', 'effectiveUri' => $result['@metadata']['effectiveUri'] ]; } } catch (AwsException $e) { return [ 'Error' => 'Error: ' . $e->getAwsErrorMessage() ]; } } function updateADistribution() { // $distributionId = 'E1BTGP2EXAMPLE'; $distributionId = 'E1X3BKQ569KEMH'; $cloudFrontClient = new CloudFrontClient([ 'profile' => 'default', 'version' => '2018-06-18', 'region' => 'us-east-1' ]); // To change a distribution, you must first get the distribution's // ETag header value. $eTag = getDistributionETag($cloudFrontClient, $distributionId); if (array_key_exists('Error', $eTag)) { exit($eTag['Error']); } // To change a distribution, you must also first get information about // the distribution's current configuration. Then you must use that // information to build a new configuration. $currentConfig = getDistributionConfig($cloudFrontClient, $distributionId); if (array_key_exists('Error', $currentConfig)) { exit($currentConfig['Error']); } // To change a distribution's configuration, you can set the // distribution's related configuration value as part of a change request, // for example: // 'Enabled' => true // Some configuration values are required to be specified as part of a change // request, even if you don't plan to change their values. For ones you // don't want to change but are required to be specified, you can just reuse // their current values, as follows. $distributionConfig = [ 'CallerReference' => $currentConfig['DistributionConfig']["CallerReference"], 'Comment' => $currentConfig['DistributionConfig']["Comment"], 'DefaultCacheBehavior' => $currentConfig['DistributionConfig']["DefaultCacheBehavior"], 'DefaultRootObject' => $currentConfig['DistributionConfig']["DefaultRootObject"], 'Enabled' => $currentConfig['DistributionConfig']["Enabled"], 'Origins' => $currentConfig['DistributionConfig']["Origins"], 'Aliases' => $currentConfig['DistributionConfig']["Aliases"], 'CustomErrorResponses' => $currentConfig['DistributionConfig']["CustomErrorResponses"], 'HttpVersion' => $currentConfig['DistributionConfig']["HttpVersion"], 'CacheBehaviors' => $currentConfig['DistributionConfig']["CacheBehaviors"], 'Logging' => $currentConfig['DistributionConfig']["Logging"], 'PriceClass' => $currentConfig['DistributionConfig']["PriceClass"], 'Restrictions' => $currentConfig['DistributionConfig']["Restrictions"], 'ViewerCertificate' => $currentConfig['DistributionConfig']["ViewerCertificate"], 'WebACLId' => $currentConfig['DistributionConfig']["WebACLId"] ]; echo updateDistribution( $cloudFrontClient, $distributionId, $distributionConfig, $eTag['ETag'] ); } // Uncomment the following line to run this code in an AWS account. // updateADistribution(); ``` ## Disable a CloudFront distribution To deactivate or remove a distribution, change its status from deployed to disabled. To disable the specified CloudFront distribution, use the [DisableDistribution](https://docs.amazonaws.cn/cloudfront/latest/APIReference/API_DisableDistribution.html) operation. **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; ``` **Sample Code** ``` function disableDistribution( $cloudFrontClient, $distributionId, $distributionConfig, $eTag ) { try { $result = $cloudFrontClient->updateDistribution([ 'DistributionConfig' => $distributionConfig, 'Id' => $distributionId, 'IfMatch' => $eTag ]); return 'The distribution with the following effective URI has ' . 'been disabled: ' . $result['@metadata']['effectiveUri']; } catch (AwsException $e) { return 'Error: ' . $e->getAwsErrorMessage(); } } function getDistributionConfig($cloudFrontClient, $distributionId) { try { $result = $cloudFrontClient->getDistribution([ 'Id' => $distributionId, ]); if (isset($result['Distribution']['DistributionConfig'])) { return [ 'DistributionConfig' => $result['Distribution']['DistributionConfig'], 'effectiveUri' => $result['@metadata']['effectiveUri'] ]; } else { return [ 'Error' => 'Error: Cannot find distribution configuration details.', 'effectiveUri' => $result['@metadata']['effectiveUri'] ]; } } catch (AwsException $e) { return [ 'Error' => 'Error: ' . $e->getAwsErrorMessage() ]; } } function getDistributionETag($cloudFrontClient, $distributionId) { try { $result = $cloudFrontClient->getDistribution([ 'Id' => $distributionId, ]); if (isset($result['ETag'])) { return [ 'ETag' => $result['ETag'], 'effectiveUri' => $result['@metadata']['effectiveUri'] ]; } else { return [ 'Error' => 'Error: Cannot find distribution ETag header value.', 'effectiveUri' => $result['@metadata']['effectiveUri'] ]; } } catch (AwsException $e) { return [ 'Error' => 'Error: ' . $e->getAwsErrorMessage() ]; } } function disableADistribution() { $distributionId = 'E1BTGP2EXAMPLE'; $cloudFrontClient = new Aws\CloudFront\CloudFrontClient([ 'profile' => 'default', 'version' => '2018-06-18', 'region' => 'us-east-1' ]); // To disable a distribution, you must first get the distribution's // ETag header value. $eTag = getDistributionETag($cloudFrontClient, $distributionId); if (array_key_exists('Error', $eTag)) { exit($eTag['Error']); } // To delete a distribution, you must also first get information about // the distribution's current configuration. Then you must use that // information to build a new configuration, including setting the new // configuration to "disabled". $currentConfig = getDistributionConfig($cloudFrontClient, $distributionId); if (array_key_exists('Error', $currentConfig)) { exit($currentConfig['Error']); } $distributionConfig = [ 'CacheBehaviors' => $currentConfig['DistributionConfig']["CacheBehaviors"], 'CallerReference' => $currentConfig['DistributionConfig']["CallerReference"], 'Comment' => $currentConfig['DistributionConfig']["Comment"], 'DefaultCacheBehavior' => $currentConfig['DistributionConfig']["DefaultCacheBehavior"], 'DefaultRootObject' => $currentConfig['DistributionConfig']["DefaultRootObject"], 'Enabled' => false, 'Origins' => $currentConfig['DistributionConfig']["Origins"], 'Aliases' => $currentConfig['DistributionConfig']["Aliases"], 'CustomErrorResponses' => $currentConfig['DistributionConfig']["CustomErrorResponses"], 'HttpVersion' => $currentConfig['DistributionConfig']["HttpVersion"], 'Logging' => $currentConfig['DistributionConfig']["Logging"], 'PriceClass' => $currentConfig['DistributionConfig']["PriceClass"], 'Restrictions' => $currentConfig['DistributionConfig']["Restrictions"], 'ViewerCertificate' => $currentConfig['DistributionConfig']["ViewerCertificate"], 'WebACLId' => $currentConfig['DistributionConfig']["WebACLId"] ]; echo disableDistribution( $cloudFrontClient, $distributionId, $distributionConfig, $eTag['ETag'] ); } // Uncomment the following line to run this code in an AWS account. // disableADistribution(); ``` ## Delete a CloudFront distribution Once a distribution is in a disabled status, you can delete the distribution. To remove a specified CloudFront distribution, use the [DeleteDistribution](https://docs.amazonaws.cn/cloudfront/latest/APIReference/API_DeleteDistribution.html) operation. **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; ``` **Sample Code** ``` function deleteDistribution($cloudFrontClient, $distributionId, $eTag) { try { $result = $cloudFrontClient->deleteDistribution([ 'Id' => $distributionId, 'IfMatch' => $eTag ]); return 'The distribution at the following effective URI has ' . 'been deleted: ' . $result['@metadata']['effectiveUri']; } catch (AwsException $e) { return 'Error: ' . $e->getAwsErrorMessage(); } } function getDistributionETag($cloudFrontClient, $distributionId) { try { $result = $cloudFrontClient->getDistribution([ 'Id' => $distributionId, ]); if (isset($result['ETag'])) { return [ 'ETag' => $result['ETag'], 'effectiveUri' => $result['@metadata']['effectiveUri'] ]; } else { return [ 'Error' => 'Error: Cannot find distribution ETag header value.', 'effectiveUri' => $result['@metadata']['effectiveUri'] ]; } } catch (AwsException $e) { return [ 'Error' => 'Error: ' . $e->getAwsErrorMessage() ]; } } function deleteADistribution() { $distributionId = 'E17G7YNEXAMPLE'; $cloudFrontClient = new Aws\CloudFront\CloudFrontClient([ 'profile' => 'default', 'version' => '2018-06-18', 'region' => 'us-east-1' ]); // To delete a distribution, you must first get the distribution's // ETag header value. $eTag = getDistributionETag($cloudFrontClient, $distributionId); if (array_key_exists('Error', $eTag)) { exit($eTag['Error']); } else { echo deleteDistribution( $cloudFrontClient, $distributionId, $eTag['ETag'] ); } } // Uncomment the following line to run this code in an AWS account. // deleteADistribution(); ``` # Managing Amazon CloudFront invalidations using the CloudFront API and the Amazon SDK for PHP Version 3 Amazon CloudFront caches copies of static and dynamic files in worldwide edge locations. To remove or update a file on all edge locations, create an invalidation for each file or for a group of files. Each calendar month, your first 1,000 invalidations are free. To learn more about removing content from a CloudFront edge location, see [Invalidating Files](https://docs.amazonaws.cn/AmazonCloudFront/latest/DeveloperGuide/Invalidation.html). The following examples show how to: + Create a distribution invalidation using [CreateInvalidation](https://docs.amazonaws.cn/aws-sdk-php/v3/api/api-cloudfront-2018-11-05.html#createinvalidation). + Get a distribution invalidation using [GetInvalidation](https://docs.amazonaws.cn/aws-sdk-php/v3/api/api-cloudfront-2018-11-05.html#getinvalidation). + List distributions using [ListInvalidations](https://docs.amazonaws.cn/aws-sdk-php/v3/api/api-cloudfront-2018-11-05.html#listinvalidations). All the example code for the Amazon SDK for PHP is available [here on GitHub](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/php/example_code). ## Credentials Before running the example code, configure your Amazon credentials, as described in [Authenticating with Amazon using Amazon SDK for PHP Version 3](credentials.md). Then import the Amazon SDK for PHP, as described in [Installing the Amazon SDK for PHP Version 3](getting-started_installation.md). For more information about using Amazon CloudFront, see the [Amazon CloudFront Developer Guide](https://docs.amazonaws.cn/AmazonCloudFront/latest/DeveloperGuide/). ## Create a distribution invalidation Create a CloudFront distribution invalidation by specifying the path location for the files you need to remove. This example invalidates all files in the distribution, but you can identify specific files under `Items`. To create a CloudFront distribution invalidation, use the [CreateInvalidation](https://docs.amazonaws.cn/cloudfront/latest/APIReference/API_CreateInvalidation.html) operation. **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; ``` **Sample Code** ``` function createInvalidation( $cloudFrontClient, $distributionId, $callerReference, $paths, $quantity ) { try { $result = $cloudFrontClient->createInvalidation([ 'DistributionId' => $distributionId, 'InvalidationBatch' => [ 'CallerReference' => $callerReference, 'Paths' => [ 'Items' => $paths, 'Quantity' => $quantity, ], ] ]); $message = ''; if (isset($result['Location'])) { $message = 'The invalidation location is: ' . $result['Location']; } $message .= ' and the effective URI is ' . $result['@metadata']['effectiveUri'] . '.'; return $message; } catch (AwsException $e) { return 'Error: ' . $e->getAwsErrorMessage(); } } function createTheInvalidation() { $distributionId = 'E17G7YNEXAMPLE'; $callerReference = 'my-unique-value'; $paths = ['/*']; $quantity = 1; $cloudFrontClient = new Aws\CloudFront\CloudFrontClient([ 'profile' => 'default', 'version' => '2018-06-18', 'region' => 'us-east-1' ]); echo createInvalidation( $cloudFrontClient, $distributionId, $callerReference, $paths, $quantity ); } // Uncomment the following line to run this code in an AWS account. // createTheInvalidation(); ``` ## Get a distribution invalidation To retrieve the status and details about a CloudFront distribution invalidation, use the [GetInvalidation](https://docs.amazonaws.cn/cloudfront/latest/APIReference/API_GetInvalidation.html) operation. **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; ``` **Sample Code** ``` function getInvalidation($cloudFrontClient, $distributionId, $invalidationId) { try { $result = $cloudFrontClient->getInvalidation([ 'DistributionId' => $distributionId, 'Id' => $invalidationId, ]); $message = ''; if (isset($result['Invalidation']['Status'])) { $message = 'The status for the invalidation with the ID of ' . $result['Invalidation']['Id'] . ' is ' . $result['Invalidation']['Status']; } if (isset($result['@metadata']['effectiveUri'])) { $message .= ', and the effective URI is ' . $result['@metadata']['effectiveUri'] . '.'; } else { $message = 'Error: Could not get information about ' . 'the invalidation. The invalidation\'s status ' . 'was not available.'; } return $message; } catch (AwsException $e) { return 'Error: ' . $e->getAwsErrorMessage(); } } function getsAnInvalidation() { $distributionId = 'E1BTGP2EXAMPLE'; $invalidationId = 'I1CDEZZEXAMPLE'; $cloudFrontClient = new Aws\CloudFront\CloudFrontClient([ 'profile' => 'default', 'version' => '2018-06-18', 'region' => 'us-east-1' ]); echo getInvalidation($cloudFrontClient, $distributionId, $invalidationId); } // Uncomment the following line to run this code in an AWS account. // getsAnInvalidation(); ``` ## List distribution invalidations To list all current CloudFront distribution invalidations, use the [ListInvalidations](https://docs.amazonaws.cn/cloudfront/latest/APIReference/API_ListInvalidations.html) operation. **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; ``` **Sample Code** ``` function listInvalidations($cloudFrontClient, $distributionId) { try { $result = $cloudFrontClient->listInvalidations([ 'DistributionId' => $distributionId ]); return $result; } catch (AwsException $e) { exit('Error: ' . $e->getAwsErrorMessage()); } } function listTheInvalidations() { $distributionId = 'E1WICG1EXAMPLE'; $cloudFrontClient = new Aws\CloudFront\CloudFrontClient([ 'profile' => 'default', 'version' => '2018-06-18', 'region' => 'us-east-1' ]); $invalidations = listInvalidations( $cloudFrontClient, $distributionId ); if (isset($invalidations['InvalidationList'])) { if ($invalidations['InvalidationList']['Quantity'] > 0) { foreach ($invalidations['InvalidationList']['Items'] as $invalidation) { echo 'The invalidation with the ID of ' . $invalidation['Id'] . ' has the status of ' . $invalidation['Status'] . '.' . "\n"; } } else { echo 'Could not find any invalidations for the specified distribution.'; } } else { echo 'Error: Could not get invalidation information. Could not get ' . 'information about the specified distribution.'; } } // Uncomment the following line to run this code in an AWS account. // listTheInvalidations(); ``` # Signing Amazon CloudFront URLs with Amazon SDK for PHP Version 3 Signed URLs enable you to provide users access to your private content. A signed URL includes additional information (for example, expiration time) that gives you more control over access to your content. This additional information appears in a policy statement, which is based on either a canned policy or a custom policy. For information about how to set up private distributions and why you need to sign URLs, see [Serving Private Content through Amazon CloudFront](https://docs.amazonaws.cn/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the Amazon CloudFront Developer Guide. + Create a signed Amazon CloudFront URL using [getSignedURL](https://docs.amazonaws.cn/aws-sdk-php/v3/api/class-Aws.CloudFront.CloudFrontClient.html#_getSignedUrl). + Create a signed Amazon CloudFront cookie using [getSignedCookie](https://docs.amazonaws.cn/aws-sdk-php/v3/api/class-Aws.CloudFront.CloudFrontClient.html#_getSignedCookie). All the example code for the Amazon SDK for PHP is available [here on GitHub](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/php/example_code). ## Credentials Before running the example code, configure your Amazon credentials, as described in [Authenticating with Amazon using Amazon SDK for PHP Version 3](credentials.md). Then import the Amazon SDK for PHP, as described in [Installing the Amazon SDK for PHP Version 3](getting-started_installation.md). For more information about using Amazon CloudFront, see the [Amazon CloudFront Developer Guide](https://docs.amazonaws.cn/AmazonCloudFront/latest/DeveloperGuide/). ## Signing CloudFront URLs for private distributions You can sign a URL using the CloudFront client in the SDK. First, you must create a `CloudFrontClient` object. You can sign a CloudFront URL for a video resource using either a canned or custom policy. **Imports** ``` require 'vendor/autoload.php'; use Aws\CloudFront\CloudFrontClient; use Aws\Exception\AwsException; ``` **Sample Code** ``` function signPrivateDistribution( $cloudFrontClient, $resourceKey, $expires, $privateKey, $keyPairId ) { try { $result = $cloudFrontClient->getSignedUrl([ 'url' => $resourceKey, 'expires' => $expires, 'private_key' => $privateKey, 'key_pair_id' => $keyPairId ]); return $result; } catch (AwsException $e) { return 'Error: ' . $e->getAwsErrorMessage(); } } function signAPrivateDistribution() { $resourceKey = 'https://d13l49jEXAMPLE.cloudfront.net/my-file.txt'; $expires = time() + 300; // 5 minutes (5 * 60 seconds) from now. $privateKey = dirname(__DIR__) . '/cloudfront/my-private-key.pem'; $keyPairId = 'AAPKAJIKZATYYYEXAMPLE'; $cloudFrontClient = new CloudFrontClient([ 'profile' => 'default', 'version' => '2018-06-18', 'region' => 'us-east-1' ]); echo signPrivateDistribution( $cloudFrontClient, $resourceKey, $expires, $privateKey, $keyPairId ); } // Uncomment the following line to run this code in an AWS account. // signAPrivateDistribution(); ``` ## Use a custom policy when creating CloudFront URLs To use a custom policy, provide the `policy` key instead of `expires`. **Imports** ``` require 'vendor/autoload.php'; use Aws\CloudFront\CloudFrontClient; use Aws\Exception\AwsException; ``` **Sample Code** ``` function signPrivateDistributionPolicy( $cloudFrontClient, $resourceKey, $customPolicy, $privateKey, $keyPairId ) { try { $result = $cloudFrontClient->getSignedUrl([ 'url' => $resourceKey, 'policy' => $customPolicy, 'private_key' => $privateKey, 'key_pair_id' => $keyPairId ]); return $result; } catch (AwsException $e) { return 'Error: ' . $e->getAwsErrorMessage(); } } function signAPrivateDistributionPolicy() { $resourceKey = 'https://d13l49jEXAMPLE.cloudfront.net/my-file.txt'; $expires = time() + 300; // 5 minutes (5 * 60 seconds) from now. $customPolicy = << 'default', 'version' => '2018-06-18', 'region' => 'us-east-1' ]); echo signPrivateDistributionPolicy( $cloudFrontClient, $resourceKey, $customPolicy, $privateKey, $keyPairId ); } // Uncomment the following line to run this code in an AWS account. // signAPrivateDistributionPolicy(); ``` ## Use a CloudFront signed URL The form of the signed URL differs, depending on whether the URL you are signing is using the “HTTP” or “RTMP” scheme. In the case of “HTTP”, the full, absolute URL is returned. For “RTMP”, only the relative URL is returned for your convenience. This is because some players require the host and path to be provided as separate parameters. The following example shows how you could use the signed URL to construct a webpage that displays a video using [JWPlayer](http://www.longtailvideo.com/jw-player/). The same type of technique would apply to other players such as [FlowPlayer](http://flowplayer.org/), but require different client-side code. ``` |CFlong| Streaming Example

The canned policy video will be here.

``` ## Signing CloudFront cookies for private distributions As an alternative to signed URLs, you can also grant clients access to a private distribution via signed cookies. Signed cookies enable you to provide access to multiple restricted files, such as all of the files for a video in HLS format or all of the files in the subscribers’ area of a website. For more information on why you might want to use signed cookies instead of signed URLs (or vice versa), see [Choosing between signed URLs and signed cookies](https://docs.amazonaws.cn/AmazonCloudFront/latest/DeveloperGuide/private-content-choosing-signed-urls-cookies.html) in the Amazon CloudFront Developer Guide. Creating a signed cookie is similar to creating a signed URL. The only difference is the method that is called (`getSignedCookie` instead of `getSignedUrl`). **Imports** ``` require 'vendor/autoload.php'; use Aws\CloudFront\CloudFrontClient; use Aws\Exception\AwsException; ``` **Sample Code** ``` function signCookie( $cloudFrontClient, $resourceKey, $expires, $privateKey, $keyPairId ) { try { $result = $cloudFrontClient->getSignedCookie([ 'url' => $resourceKey, 'expires' => $expires, 'private_key' => $privateKey, 'key_pair_id' => $keyPairId ]); return $result; } catch (AwsException $e) { return [ 'Error' => $e->getAwsErrorMessage() ]; } } function signACookie() { $resourceKey = 'https://d13l49jEXAMPLE.cloudfront.net/my-file.txt'; $expires = time() + 300; // 5 minutes (5 * 60 seconds) from now. $privateKey = dirname(__DIR__) . '/cloudfront/my-private-key.pem'; $keyPairId = 'AAPKAJIKZATYYYEXAMPLE'; $cloudFrontClient = new CloudFrontClient([ 'profile' => 'default', 'version' => '2018-06-18', 'region' => 'us-east-1' ]); $result = signCookie( $cloudFrontClient, $resourceKey, $expires, $privateKey, $keyPairId ); /* If successful, returns something like: CloudFront-Expires = 1589926678 CloudFront-Signature = Lv1DyC2q...2HPXaQ__ CloudFront-Key-Pair-Id = AAPKAJIKZATYYYEXAMPLE */ foreach ($result as $key => $value) { echo $key . ' = ' . $value . "\n"; } } // Uncomment the following line to run this code in an AWS account. // signACookie(); ``` ## Use a custom policy when creating CloudFront cookies As with `getSignedUrl`, you can provide a `'policy'` parameter instead of an `expires` parameter and a `url` parameter to sign a cookie with a custom policy. A custom policy can contain wildcards in the resource key. This enables you to create a single signed cookie for multiple files. `getSignedCookie` returns an array of key-value pairs, all of which must be set as cookies to grant access to a private distribution. **Imports** ``` require 'vendor/autoload.php'; use Aws\CloudFront\CloudFrontClient; use Aws\Exception\AwsException; ``` **Sample Code** ``` function signCookiePolicy( $cloudFrontClient, $customPolicy, $privateKey, $keyPairId ) { try { $result = $cloudFrontClient->getSignedCookie([ 'policy' => $customPolicy, 'private_key' => $privateKey, 'key_pair_id' => $keyPairId ]); return $result; } catch (AwsException $e) { return [ 'Error' => $e->getAwsErrorMessage() ]; } } function signACookiePolicy() { $resourceKey = 'https://d13l49jEXAMPLE.cloudfront.net/my-file.txt'; $expires = time() + 300; // 5 minutes (5 * 60 seconds) from now. $customPolicy = << 'default', 'version' => '2018-06-18', 'region' => 'us-east-1' ]); $result = signCookiePolicy( $cloudFrontClient, $customPolicy, $privateKey, $keyPairId ); /* If successful, returns something like: CloudFront-Policy = eyJTdGF0...fX19XX0_ CloudFront-Signature = RowqEQWZ...N8vetw__ CloudFront-Key-Pair-Id = AAPKAJIKZATYYYEXAMPLE */ foreach ($result as $key => $value) { echo $key . ' = ' . $value . "\n"; } } // Uncomment the following line to run this code in an AWS account. // signACookiePolicy(); ``` ## Send CloudFront cookies to Guzzle client You can also pass these cookies to a `GuzzleHttp\Cookie\CookieJar` for use with a Guzzle client. ``` use GuzzleHttp\Client; use GuzzleHttp\Cookie\CookieJar; $distribution = "example-distribution.cloudfront.net"; $client = new \GuzzleHttp\Client([ 'base_uri' => "https://$distribution", 'cookies' => CookieJar::fromArray($signedCookieCustomPolicy, $distribution), ]); $client->get('video.mp4'); ``` For more information, see [Using Signed Cookies](https://docs.amazonaws.cn/AmazonCloudFront/latest/DeveloperGuide/private-content-signed-cookies.html) in the Amazon CloudFront Developer Guide.