2019-01-22 19:39:22 -08:00
< ? php
2020-05-19 16:07:59 -07:00
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
2024-02-05 10:49:20 -07:00
2019-01-22 19:39:22 -08:00
// snippet-start:[cloudfront.php.private_distribution.complete]
// snippet-start:[cloudfront.php.private_distribution.import]
require 'vendor/autoload.php' ;
2024-02-05 10:49:20 -07:00
2019-01-22 19:39:22 -08:00
use Aws\CloudFront\CloudFrontClient ;
use Aws\Exception\AwsException ;
2024-02-05 10:49:20 -07:00
2019-01-22 19:39:22 -08:00
// snippet-end:[cloudfront.php.private_distribution.import]
2024-02-05 10:49:20 -07:00
2020-05-19 16:07:59 -07:00
/* ////////////////////////////////////////////////////////////////////////////
2020-05-26 14:37:50 -07:00
* Purpose: Gets a signed URL that viewers need to
* access restricted content in a specially configured Amazon CloudFront
2020-05-22 14:15:19 -07:00
* distribution.
2020-05-19 16:07:59 -07:00
*
2020-05-22 14:15:19 -07:00
* Prerequisites: A CloudFront distribution that is specially configured for
* restricted access, and a CloudFront key pair. For more information, see
* "Serving Private Content with Signed URLs and Signed Cookies" in the
* Amazon CloudFront Developer Guide.
2020-05-19 16:07:59 -07:00
*
* Inputs:
2020-05-22 14:15:19 -07:00
* - $cloudFrontClient: An initialized CloudFront client.
* - $resourceKey: A CloudFront URL to the restricted content.
* - $expires: The expiration date and time for access requests, in
* UTC Unix timestamp format.
* - $privateKey: The path to the CloudFront private key file, in .pem format.
* - $keyPairId: The corresponding CloudFront key pair ID.
2020-05-19 16:07:59 -07:00
*
2020-05-22 14:15:19 -07:00
* Returns: The signed URL; otherwise, the error message.
2020-05-19 16:07:59 -07:00
* ///////////////////////////////////////////////////////////////////////// */
2024-02-05 10:49:20 -07:00
2019-01-22 19:39:22 -08:00
// snippet-start:[cloudfront.php.private_distribution.main]
2020-05-22 14:15:19 -07:00
function signPrivateDistribution (
$cloudFrontClient ,
$resourceKey ,
$expires ,
$privateKey ,
$keyPairId
2020-05-19 16:07:59 -07:00
) {
2020-05-22 14:15:19 -07:00
try {
$result = $cloudFrontClient -> getSignedUrl ([
'url' => $resourceKey ,
'expires' => $expires ,
'private_key' => $privateKey ,
'key_pair_id' => $keyPairId
]);
2024-02-05 10:49:20 -07:00
2020-05-22 14:15:19 -07:00
return $result ;
} catch ( AwsException $e ) {
return 'Error: ' . $e -> getAwsErrorMessage ();
2024-02-05 10:49:20 -07:00
}
2020-05-22 14:15:19 -07:00
}
2024-02-05 10:49:20 -07:00
2020-05-19 16:07:59 -07:00
function signAPrivateDistribution ()
{
2020-05-22 14:15:19 -07:00
$resourceKey = 'https://d13l49jEXAMPLE.cloudfront.net/my-file.txt' ;
$expires = time () + 300 ; // 5 minutes (5 * 60 seconds) from now.
$privateKey = dirname ( __DIR__ ) . '/cloudfront/my-private-key.pem' ;
2020-05-26 08:29:23 -07:00
$keyPairId = 'AAPKAJIKZATYYYEXAMPLE' ;
2024-02-05 10:49:20 -07:00
2020-05-22 14:15:19 -07:00
$cloudFrontClient = new CloudFrontClient ([
'profile' => 'default' ,
2023-10-03 14:06:31 -04:00
'version' => '2018-06-18' ,
2020-05-22 14:15:19 -07:00
'region' => 'us-east-1'
]);
2024-02-05 10:49:20 -07:00
2020-05-22 14:15:19 -07:00
echo signPrivateDistribution (
$cloudFrontClient ,
$resourceKey ,
$expires ,
$privateKey ,
$keyPairId
);
2020-05-19 16:07:59 -07:00
}
2024-02-05 10:49:20 -07:00
2020-05-19 16:07:59 -07:00
// Uncomment the following line to run this code in an AWS account.
2020-05-22 14:15:19 -07:00
// signAPrivateDistribution();
2019-01-22 19:39:22 -08:00
// snippet-end:[cloudfront.php.private_distribution.main]
// snippet-end:[cloudfront.php.private_distribution.complete]
