CloudFront 用SDK于 Java 2.x 的示例 - Amazon SDK for Java 2.x
Amazon Web Services 文档中描述的 Amazon Web Services 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅 中国的 Amazon Web Services 服务入门 (PDF)

本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。

CloudFront 用SDK于 Java 2.x 的示例

以下代码示例向您展示了如何使用with来执行操作和实现常见场景 CloudFront。 Amazon SDK for Java 2.x

操作是大型程序的代码摘录,必须在上下文中运行。您可以通过操作了解如何调用单个服务函数,还可以通过函数相关场景的上下文查看操作。

场景是向您展示如何通过在一个服务中调用多个函数或与其他 Amazon Web Services 服务结合来完成特定任务的代码示例。

每个示例都包含一个指向完整源代码的链接,您可以在其中找到有关如何在上下文中设置和运行代码的说明。

操作

以下代码示例演示如何使用 CreateDistribution

SDK适用于 Java 2.x
注意

还有更多相关信息 GitHub。查找完整示例,学习如何在 Amazon 代码示例存储库中进行设置和运行。

以下示例使用 Amazon Simple Storage Service (Amazon S3) 桶作为内容来源。

创建发行版后,代码会创建一个 CloudFrontWaiter,等待发行版部署完毕后再返回发行版。

import org.slf4j.Logger; import org.slf4j.LoggerFactory; import software.amazon.awssdk.core.internal.waiters.ResponseOrException; import software.amazon.awssdk.services.cloudfront.CloudFrontClient; import software.amazon.awssdk.services.cloudfront.model.CreateDistributionResponse; import software.amazon.awssdk.services.cloudfront.model.Distribution; import software.amazon.awssdk.services.cloudfront.model.GetDistributionResponse; import software.amazon.awssdk.services.cloudfront.model.ItemSelection; import software.amazon.awssdk.services.cloudfront.model.Method; import software.amazon.awssdk.services.cloudfront.model.ViewerProtocolPolicy; import software.amazon.awssdk.services.cloudfront.waiters.CloudFrontWaiter; import software.amazon.awssdk.services.s3.S3Client; import java.time.Instant; public class CreateDistribution { private static final Logger logger = LoggerFactory.getLogger(CreateDistribution.class); public static Distribution createDistribution(CloudFrontClient cloudFrontClient, S3Client s3Client, final String bucketName, final String keyGroupId, final String originAccessControlId) { final String region = s3Client.headBucket(b -> b.bucket(bucketName)).sdkHttpResponse().headers() .get("x-amz-bucket-region").get(0); final String originDomain = bucketName + ".s3." + region + ".amazonaws.com"; String originId = originDomain; // Use the originDomain value for the originId. // The service API requires some deprecated methods, such as // DefaultCacheBehavior.Builder#minTTL and #forwardedValue. CreateDistributionResponse createDistResponse = cloudFrontClient.createDistribution(builder -> builder .distributionConfig(b1 -> b1 .origins(b2 -> b2 .quantity(1) .items(b3 -> b3 .domainName(originDomain) .id(originId) .s3OriginConfig(builder4 -> builder4 .originAccessIdentity( "")) .originAccessControlId( originAccessControlId))) .defaultCacheBehavior(b2 -> b2 .viewerProtocolPolicy(ViewerProtocolPolicy.ALLOW_ALL) .targetOriginId(originId) .minTTL(200L) .forwardedValues(b5 -> b5 .cookies(cp -> cp .forward(ItemSelection.NONE)) .queryString(true)) .trustedKeyGroups(b3 -> b3 .quantity(1) .items(keyGroupId) .enabled(true)) .allowedMethods(b4 -> b4 .quantity(2) .items(Method.HEAD, Method.GET) .cachedMethods(b5 -> b5 .quantity(2) .items(Method.HEAD, Method.GET)))) .cacheBehaviors(b -> b .quantity(1) .items(b2 -> b2 .pathPattern("/index.html") .viewerProtocolPolicy( ViewerProtocolPolicy.ALLOW_ALL) .targetOriginId(originId) .trustedKeyGroups(b3 -> b3 .quantity(1) .items(keyGroupId) .enabled(true)) .minTTL(200L) .forwardedValues(b4 -> b4 .cookies(cp -> cp .forward(ItemSelection.NONE)) .queryString(true)) .allowedMethods(b5 -> b5.quantity(2) .items(Method.HEAD, Method.GET) .cachedMethods(b6 -> b6 .quantity(2) .items(Method.HEAD, Method.GET))))) .enabled(true) .comment("Distribution built with java") .callerReference(Instant.now().toString()))); final Distribution distribution = createDistResponse.distribution(); logger.info("Distribution created. DomainName: [{}] Id: [{}]", distribution.domainName(), distribution.id()); logger.info("Waiting for distribution to be deployed ..."); try (CloudFrontWaiter cfWaiter = CloudFrontWaiter.builder().client(cloudFrontClient).build()) { ResponseOrException<GetDistributionResponse> responseOrException = cfWaiter .waitUntilDistributionDeployed(builder -> builder.id(distribution.id())) .matched(); responseOrException.response() .orElseThrow(() -> new RuntimeException("Distribution not created")); logger.info("Distribution deployed. DomainName: [{}] Id: [{}]", distribution.domainName(), distribution.id()); } return distribution; } }
  • 有关API详细信息,请参阅 “Amazon SDK for Java 2.x API参考 CreateDistribution” 中的。

以下代码示例演示如何使用 CreateFunction

SDK适用于 Java 2.x
注意

还有更多相关信息 GitHub。查找完整示例,学习如何在 Amazon 代码示例存储库中进行设置和运行。

import software.amazon.awssdk.core.SdkBytes; import software.amazon.awssdk.regions.Region; import software.amazon.awssdk.services.cloudfront.CloudFrontClient; import software.amazon.awssdk.services.cloudfront.model.CloudFrontException; import software.amazon.awssdk.services.cloudfront.model.CreateFunctionRequest; import software.amazon.awssdk.services.cloudfront.model.CreateFunctionResponse; import software.amazon.awssdk.services.cloudfront.model.FunctionConfig; import software.amazon.awssdk.services.cloudfront.model.FunctionRuntime; import java.io.InputStream; /** * Before running this Java V2 code example, set up your development * environment, including your credentials. * * For more information, see the following documentation topic: * * https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html */ public class CreateFunction { public static void main(String[] args) { final String usage = """ Usage: <functionName> <filePath> Where: functionName - The name of the function to create.\s filePath - The path to a file that contains the application logic for the function.\s """; if (args.length != 2) { System.out.println(usage); System.exit(1); } String functionName = args[0]; String filePath = args[1]; CloudFrontClient cloudFrontClient = CloudFrontClient.builder() .region(Region.AWS_GLOBAL) .build(); String funArn = createNewFunction(cloudFrontClient, functionName, filePath); System.out.println("The function ARN is " + funArn); cloudFrontClient.close(); } public static String createNewFunction(CloudFrontClient cloudFrontClient, String functionName, String filePath) { try { InputStream fileIs = CreateFunction.class.getClassLoader().getResourceAsStream(filePath); SdkBytes functionCode = SdkBytes.fromInputStream(fileIs); FunctionConfig config = FunctionConfig.builder() .comment("Created by using the CloudFront Java API") .runtime(FunctionRuntime.CLOUDFRONT_JS_1_0) .build(); CreateFunctionRequest functionRequest = CreateFunctionRequest.builder() .name(functionName) .functionCode(functionCode) .functionConfig(config) .build(); CreateFunctionResponse response = cloudFrontClient.createFunction(functionRequest); return response.functionSummary().functionMetadata().functionARN(); } catch (CloudFrontException e) { System.err.println(e.getMessage()); System.exit(1); } return ""; } }
  • 有关API详细信息,请参阅 “Amazon SDK for Java 2.x API参考 CreateFunction” 中的。

以下代码示例演示如何使用 CreateKeyGroup

SDK适用于 Java 2.x
注意

还有更多相关信息 GitHub。查找完整示例,学习如何在 Amazon 代码示例存储库中进行设置和运行。

密钥组需要至少一个用于验证已签名URLs或 Cookie 的公钥。

import org.slf4j.Logger; import org.slf4j.LoggerFactory; import software.amazon.awssdk.services.cloudfront.CloudFrontClient; import java.util.UUID; public class CreateKeyGroup { private static final Logger logger = LoggerFactory.getLogger(CreateKeyGroup.class); public static String createKeyGroup(CloudFrontClient cloudFrontClient, String publicKeyId) { String keyGroupId = cloudFrontClient.createKeyGroup(b -> b.keyGroupConfig(c -> c .items(publicKeyId) .name("JavaKeyGroup" + UUID.randomUUID()))) .keyGroup().id(); logger.info("KeyGroup created with ID: [{}]", keyGroupId); return keyGroupId; } }
  • 有关API详细信息,请参阅 “Amazon SDK for Java 2.x API参考 CreateKeyGroup” 中的。

以下代码示例演示如何使用 CreatePublicKey

SDK适用于 Java 2.x
注意

还有更多相关信息 GitHub。查找完整示例,学习如何在 Amazon 代码示例存储库中进行设置和运行。

以下代码示例读取公钥并将其上传到 Amazon CloudFront。

import org.slf4j.Logger; import org.slf4j.LoggerFactory; import software.amazon.awssdk.services.cloudfront.CloudFrontClient; import software.amazon.awssdk.services.cloudfront.model.CreatePublicKeyResponse; import software.amazon.awssdk.utils.IoUtils; import java.io.IOException; import java.io.InputStream; import java.util.UUID; public class CreatePublicKey { private static final Logger logger = LoggerFactory.getLogger(CreatePublicKey.class); public static String createPublicKey(CloudFrontClient cloudFrontClient, String publicKeyFileName) { try (InputStream is = CreatePublicKey.class.getClassLoader().getResourceAsStream(publicKeyFileName)) { String publicKeyString = IoUtils.toUtf8String(is); CreatePublicKeyResponse createPublicKeyResponse = cloudFrontClient .createPublicKey(b -> b.publicKeyConfig(c -> c .name("JavaCreatedPublicKey" + UUID.randomUUID()) .encodedKey(publicKeyString) .callerReference(UUID.randomUUID().toString()))); String createdPublicKeyId = createPublicKeyResponse.publicKey().id(); logger.info("Public key created with id: [{}]", createdPublicKeyId); return createdPublicKeyId; } catch (IOException e) { throw new RuntimeException(e); } } }
  • 有关API详细信息,请参阅 “Amazon SDK for Java 2.x API参考 CreatePublicKey” 中的。

以下代码示例演示如何使用 DeleteDistribution

SDK适用于 Java 2.x
注意

还有更多相关信息 GitHub。查找完整示例,学习如何在 Amazon 代码示例存储库中进行设置和运行。

以下代码示例将分配更新为禁用,使用 waiter 等待更改部署完成,然后删除该分配。

import org.slf4j.Logger; import org.slf4j.LoggerFactory; import software.amazon.awssdk.core.internal.waiters.ResponseOrException; import software.amazon.awssdk.services.cloudfront.CloudFrontClient; import software.amazon.awssdk.services.cloudfront.model.DeleteDistributionResponse; import software.amazon.awssdk.services.cloudfront.model.DistributionConfig; import software.amazon.awssdk.services.cloudfront.model.GetDistributionResponse; import software.amazon.awssdk.services.cloudfront.waiters.CloudFrontWaiter; public class DeleteDistribution { private static final Logger logger = LoggerFactory.getLogger(DeleteDistribution.class); public static void deleteDistribution(final CloudFrontClient cloudFrontClient, final String distributionId) { // First, disable the distribution by updating it. GetDistributionResponse response = cloudFrontClient.getDistribution(b -> b .id(distributionId)); String etag = response.eTag(); DistributionConfig distConfig = response.distribution().distributionConfig(); cloudFrontClient.updateDistribution(builder -> builder .id(distributionId) .distributionConfig(builder1 -> builder1 .cacheBehaviors(distConfig.cacheBehaviors()) .defaultCacheBehavior(distConfig.defaultCacheBehavior()) .enabled(false) .origins(distConfig.origins()) .comment(distConfig.comment()) .callerReference(distConfig.callerReference()) .defaultCacheBehavior(distConfig.defaultCacheBehavior()) .priceClass(distConfig.priceClass()) .aliases(distConfig.aliases()) .logging(distConfig.logging()) .defaultRootObject(distConfig.defaultRootObject()) .customErrorResponses(distConfig.customErrorResponses()) .httpVersion(distConfig.httpVersion()) .isIPV6Enabled(distConfig.isIPV6Enabled()) .restrictions(distConfig.restrictions()) .viewerCertificate(distConfig.viewerCertificate()) .webACLId(distConfig.webACLId()) .originGroups(distConfig.originGroups())) .ifMatch(etag)); logger.info("Distribution [{}] is DISABLED, waiting for deployment before deleting ...", distributionId); GetDistributionResponse distributionResponse; try (CloudFrontWaiter cfWaiter = CloudFrontWaiter.builder().client(cloudFrontClient).build()) { ResponseOrException<GetDistributionResponse> responseOrException = cfWaiter .waitUntilDistributionDeployed(builder -> builder.id(distributionId)).matched(); distributionResponse = responseOrException.response() .orElseThrow(() -> new RuntimeException("Could not disable distribution")); } DeleteDistributionResponse deleteDistributionResponse = cloudFrontClient .deleteDistribution(builder -> builder .id(distributionId) .ifMatch(distributionResponse.eTag())); if (deleteDistributionResponse.sdkHttpResponse().isSuccessful()) { logger.info("Distribution [{}] DELETED", distributionId); } } }
  • 有关API详细信息,请参阅 “Amazon SDK for Java 2.x API参考 DeleteDistribution” 中的。

以下代码示例演示如何使用 UpdateDistribution

SDK适用于 Java 2.x
注意

还有更多相关信息 GitHub。查找完整示例,学习如何在 Amazon 代码示例存储库中进行设置和运行。

import software.amazon.awssdk.regions.Region; import software.amazon.awssdk.services.cloudfront.CloudFrontClient; import software.amazon.awssdk.services.cloudfront.model.GetDistributionRequest; import software.amazon.awssdk.services.cloudfront.model.GetDistributionResponse; import software.amazon.awssdk.services.cloudfront.model.Distribution; import software.amazon.awssdk.services.cloudfront.model.DistributionConfig; import software.amazon.awssdk.services.cloudfront.model.UpdateDistributionRequest; import software.amazon.awssdk.services.cloudfront.model.CloudFrontException; /** * Before running this Java V2 code example, set up your development * environment, including your credentials. * * For more information, see the following documentation topic: * * https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html */ public class ModifyDistribution { public static void main(String[] args) { final String usage = """ Usage: <id>\s Where: id - the id value of the distribution.\s """; if (args.length != 1) { System.out.println(usage); System.exit(1); } String id = args[0]; CloudFrontClient cloudFrontClient = CloudFrontClient.builder() .region(Region.AWS_GLOBAL) .build(); modDistribution(cloudFrontClient, id); cloudFrontClient.close(); } public static void modDistribution(CloudFrontClient cloudFrontClient, String idVal) { try { // Get the Distribution to modify. GetDistributionRequest disRequest = GetDistributionRequest.builder() .id(idVal) .build(); GetDistributionResponse response = cloudFrontClient.getDistribution(disRequest); Distribution disObject = response.distribution(); DistributionConfig config = disObject.distributionConfig(); // Create a new DistributionConfig object and add new values to comment and // aliases DistributionConfig config1 = DistributionConfig.builder() .aliases(config.aliases()) // You can pass in new values here .comment("New Comment") .cacheBehaviors(config.cacheBehaviors()) .priceClass(config.priceClass()) .defaultCacheBehavior(config.defaultCacheBehavior()) .enabled(config.enabled()) .callerReference(config.callerReference()) .logging(config.logging()) .originGroups(config.originGroups()) .origins(config.origins()) .restrictions(config.restrictions()) .defaultRootObject(config.defaultRootObject()) .webACLId(config.webACLId()) .httpVersion(config.httpVersion()) .viewerCertificate(config.viewerCertificate()) .customErrorResponses(config.customErrorResponses()) .build(); UpdateDistributionRequest updateDistributionRequest = UpdateDistributionRequest.builder() .distributionConfig(config1) .id(disObject.id()) .ifMatch(response.eTag()) .build(); cloudFrontClient.updateDistribution(updateDistributionRequest); } catch (CloudFrontException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } } }
  • 有关API详细信息,请参阅 “Amazon SDK for Java 2.x API参考 UpdateDistribution” 中的。

场景

以下代码示例演示了如何删除用于访问 Amazon Simple Storage Service (Amazon S3) 桶中的受限内容的资源。

SDK适用于 Java 2.x
注意

还有更多相关信息 GitHub。查找完整示例,学习如何在 Amazon 代码示例存储库中进行设置和运行。

import org.slf4j.Logger; import org.slf4j.LoggerFactory; import software.amazon.awssdk.services.cloudfront.CloudFrontClient; import software.amazon.awssdk.services.cloudfront.model.DeleteKeyGroupResponse; import software.amazon.awssdk.services.cloudfront.model.DeleteOriginAccessControlResponse; import software.amazon.awssdk.services.cloudfront.model.DeletePublicKeyResponse; import software.amazon.awssdk.services.cloudfront.model.GetKeyGroupResponse; import software.amazon.awssdk.services.cloudfront.model.GetOriginAccessControlResponse; import software.amazon.awssdk.services.cloudfront.model.GetPublicKeyResponse; public class DeleteSigningResources { private static final Logger logger = LoggerFactory.getLogger(DeleteSigningResources.class); public static void deleteOriginAccessControl(final CloudFrontClient cloudFrontClient, final String originAccessControlId) { GetOriginAccessControlResponse getResponse = cloudFrontClient .getOriginAccessControl(b -> b.id(originAccessControlId)); DeleteOriginAccessControlResponse deleteResponse = cloudFrontClient.deleteOriginAccessControl(builder -> builder .id(originAccessControlId) .ifMatch(getResponse.eTag())); if (deleteResponse.sdkHttpResponse().isSuccessful()) { logger.info("Successfully deleted Origin Access Control [{}]", originAccessControlId); } } public static void deleteKeyGroup(final CloudFrontClient cloudFrontClient, final String keyGroupId) { GetKeyGroupResponse getResponse = cloudFrontClient.getKeyGroup(b -> b.id(keyGroupId)); DeleteKeyGroupResponse deleteResponse = cloudFrontClient.deleteKeyGroup(builder -> builder .id(keyGroupId) .ifMatch(getResponse.eTag())); if (deleteResponse.sdkHttpResponse().isSuccessful()) { logger.info("Successfully deleted Key Group [{}]", keyGroupId); } } public static void deletePublicKey(final CloudFrontClient cloudFrontClient, final String publicKeyId) { GetPublicKeyResponse getResponse = cloudFrontClient.getPublicKey(b -> b.id(publicKeyId)); DeletePublicKeyResponse deleteResponse = cloudFrontClient.deletePublicKey(builder -> builder .id(publicKeyId) .ifMatch(getResponse.eTag())); if (deleteResponse.sdkHttpResponse().isSuccessful()) { logger.info("Successfully deleted Public Key [{}]", publicKeyId); } } }

以下代码示例显示了如何创建允许访问受限资源的签名URLs和 Cookie。

SDK适用于 Java 2.x
注意

还有更多相关信息 GitHub。查找完整示例,学习如何在 Amazon 代码示例存储库中进行设置和运行。

使用CannedSignerRequest课堂签名URLs或使用罐装政策制作饼干。

import software.amazon.awssdk.services.cloudfront.model.CannedSignerRequest; import java.net.URL; import java.nio.file.Path; import java.nio.file.Paths; import java.time.Instant; import java.time.temporal.ChronoUnit; public class CreateCannedPolicyRequest { public static CannedSignerRequest createRequestForCannedPolicy(String distributionDomainName, String fileNameToUpload, String privateKeyFullPath, String publicKeyId) throws Exception { String protocol = "https"; String resourcePath = "/" + fileNameToUpload; String cloudFrontUrl = new URL(protocol, distributionDomainName, resourcePath).toString(); Instant expirationDate = Instant.now().plus(7, ChronoUnit.DAYS); Path path = Paths.get(privateKeyFullPath); return CannedSignerRequest.builder() .resourceUrl(cloudFrontUrl) .privateKey(path) .keyPairId(publicKeyId) .expirationDate(expirationDate) .build(); } }

使用CustomSignerRequest课堂签名URLs或使用自定义策略进行 Cookie。activeDateipRange 是可选方法。

import software.amazon.awssdk.services.cloudfront.model.CustomSignerRequest; import java.net.URL; import java.nio.file.Path; import java.nio.file.Paths; import java.time.Instant; import java.time.temporal.ChronoUnit; public class CreateCustomPolicyRequest { public static CustomSignerRequest createRequestForCustomPolicy(String distributionDomainName, String fileNameToUpload, String privateKeyFullPath, String publicKeyId) throws Exception { String protocol = "https"; String resourcePath = "/" + fileNameToUpload; String cloudFrontUrl = new URL(protocol, distributionDomainName, resourcePath).toString(); Instant expireDate = Instant.now().plus(7, ChronoUnit.DAYS); // URL will be accessible tomorrow using the signed URL. Instant activeDate = Instant.now().plus(1, ChronoUnit.DAYS); Path path = Paths.get(privateKeyFullPath); return CustomSignerRequest.builder() .resourceUrl(cloudFrontUrl) .privateKey(path) .keyPairId(publicKeyId) .expirationDate(expireDate) .activeDate(activeDate) // Optional. // .ipRange("192.168.0.1/24") // Optional. .build(); } }

以下示例演示如何使用CloudFrontUtilities类生成签名 Cookie 和URLs。在上@@ 查看此代码示例 GitHub。

import org.slf4j.Logger; import org.slf4j.LoggerFactory; import software.amazon.awssdk.services.cloudfront.CloudFrontUtilities; import software.amazon.awssdk.services.cloudfront.cookie.CookiesForCannedPolicy; import software.amazon.awssdk.services.cloudfront.cookie.CookiesForCustomPolicy; import software.amazon.awssdk.services.cloudfront.model.CannedSignerRequest; import software.amazon.awssdk.services.cloudfront.model.CustomSignerRequest; import software.amazon.awssdk.services.cloudfront.url.SignedUrl; public class SigningUtilities { private static final Logger logger = LoggerFactory.getLogger(SigningUtilities.class); private static final CloudFrontUtilities cloudFrontUtilities = CloudFrontUtilities.create(); public static SignedUrl signUrlForCannedPolicy(CannedSignerRequest cannedSignerRequest) { SignedUrl signedUrl = cloudFrontUtilities.getSignedUrlWithCannedPolicy(cannedSignerRequest); logger.info("Signed URL: [{}]", signedUrl.url()); return signedUrl; } public static SignedUrl signUrlForCustomPolicy(CustomSignerRequest customSignerRequest) { SignedUrl signedUrl = cloudFrontUtilities.getSignedUrlWithCustomPolicy(customSignerRequest); logger.info("Signed URL: [{}]", signedUrl.url()); return signedUrl; } public static CookiesForCannedPolicy getCookiesForCannedPolicy(CannedSignerRequest cannedSignerRequest) { CookiesForCannedPolicy cookiesForCannedPolicy = cloudFrontUtilities .getCookiesForCannedPolicy(cannedSignerRequest); logger.info("Cookie EXPIRES header [{}]", cookiesForCannedPolicy.expiresHeaderValue()); logger.info("Cookie KEYPAIR header [{}]", cookiesForCannedPolicy.keyPairIdHeaderValue()); logger.info("Cookie SIGNATURE header [{}]", cookiesForCannedPolicy.signatureHeaderValue()); return cookiesForCannedPolicy; } public static CookiesForCustomPolicy getCookiesForCustomPolicy(CustomSignerRequest customSignerRequest) { CookiesForCustomPolicy cookiesForCustomPolicy = cloudFrontUtilities .getCookiesForCustomPolicy(customSignerRequest); logger.info("Cookie POLICY header [{}]", cookiesForCustomPolicy.policyHeaderValue()); logger.info("Cookie KEYPAIR header [{}]", cookiesForCustomPolicy.keyPairIdHeaderValue()); logger.info("Cookie SIGNATURE header [{}]", cookiesForCustomPolicy.signatureHeaderValue()); return cookiesForCustomPolicy; } }
  • 有关API详细信息,请参阅 “Amazon SDK for Java 2.x API参考 CloudFrontUtilities” 中的。