AWS Code Sample
Catalog

SignPrivateDistributionPolicy.php

SignPriveDistributionPolicy.php demonstrates how to provide users access to your private content using an Amazon CloudFront Distribution and custom policy.

<?php /** * Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * This file is licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. A copy of * the License is located at * * http://aws.amazon.com/apache2.0/ * * This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR * CONDITIONS OF ANY KIND, either express or implied. See the License for the * specific language governing permissions and limitations under the License. * * ABOUT THIS PHP SAMPLE => This sample is part of the SDK for PHP Developer Guide topic at * https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Invalidation.html#invalidation-specifying-objects * */ require 'vendor/autoload.php'; use Aws\CloudFront\CloudFrontClient; use Aws\Exception\AwsException; /** * Get a Signed URL for an Amazon CloudFront Distribution using a custom policy. * * This code expects that you have AWS credentials set up per: * https://docs.aws.amazon.com/sdk-for-php/v3/developer-guide/guide_credentials.html */ // Create a CloudFront Client $client = new Aws\CloudFront\CloudFrontClient([ 'profile' => 'default', 'version' => '2014-11-06', 'region' => 'us-east-2' ]); // Set up parameter values for the resource $customPolicy = <<<POLICY { "Statement": [ { "Resource": "{$resourceKey}", "Condition": { "IpAddress": {"AWS:SourceIp": "{$_SERVER['REMOTE_ADDR']}/32"}, "DateLessThan": {"AWS:EpochTime": {$expires}} } } ] } POLICY; $resourceKey = 'rtmp://example-distribution.cloudfront.net/videos/example.mp4'; // Create a signed URL for the resource using the canned policy $signedUrlCannedPolicy = $cloudFront->getSignedUrl([ 'url' => $resourceKey, 'policy' => $customPolicy, 'private_key' => '/path/to/your/cloudfront-private-key.pem', 'key_pair_id' => '<CloudFront key pair id>' ]); foreach ($signedUrlCannedPolicy as $name => $value) { setcookie($name, $value, 0, "", "example-distribution.cloudfront.net", true, true); }

Sample Details

Service: cloudfront

Last tested: 2018-12-27

Author: jschwarzwalder (AWS)

Type: full-example

On this page: