Acceder a Amazon Services S3 , desde Java
http://localhost:9444/s3/private/canstockphoto20822965_comp.jpg?noAuth=true
GET
en amazon, para algo publico seria - al bucket "private"
private.s3.amazonaws.com/<archivo>
o tambien
s3.amazonaws.com/private/<archivo>
en s3ninja
http://localhost:9444/s3/private/<archivo>?noAuth=true
cambiar publico/privado
Tengo que cambiar el ACL el objeto que quiero descargar
PUEDO HACERLO CON
Temporarily make an Object available to anyone
A private object stored in S3 can be made publicly available for a limited time using a signed URL. The signed URL can be used by anyone to download the object, yet it includes a date and time after which the URL will no longer work.
// Create a private object in S3.
S3Bucket privateBucket = new S3Bucket("privateBucket");
S3Object privateObject = new S3Object(
privateBucket, "privateObject.txt", "This object is private");
s3Service.createBucket(privateBucket);
s3Service.putObject(privateBucket, privateObject);
// Determine what the time will be in 5 minutes.
Calendar cal = Calendar.getInstance();
cal.add(Calendar.MINUTE, 5);
Date expiryDate = cal.getTime();
Create a signed HTTP GET URL valid for 5 minutes. If you use the generated URL in a web browser within 5 minutes, you will be able to view the object's contents. After 5 minutes, the URL will no longer work and you will only see an Access Denied message.
String signedUrl = s3Service.createSignedGetUrl(
privateBucket.getName(), privateObject.getKey(), expiryDate, false);
System.out.println("Signed URL: " + signedUrl);
MAS INFO
http://www.jets3t.org/toolkit/code-samples.html#gs-acl
TUTORIAL AMAZON S3
1) primero instancio un cliente
// establezco las credenciales
BasicAWSCredentials awsCreds = new BasicAWSCredentials(access_key_id, secret_access_key)
// creo la instancia con las credenciales
AmazonS3 s3Client = new AmazonS3Client(awsCreds);
// selecciono la region
// esto es solamente para que trabaje con el servicio mas cercano fisicamente... no creo que lo tengamos que especificar
// AVANZADO: configuro la conexion
// quiza pueda especificar un servidor local para poder trabajar... ver
// clase que instancio, y le paso al cliente
// com.amazonaws.ClientConfiguration
// ClientConfiguration.setLocalAddress(java.net.InetAddress localAddress) // probar con getLocalAddress a ver que me da...
// Excepciones
AmazonServiceException: error que ocurrio en el server
AmazonClientException: en el cliente
IllegalArgumentException: pasados mal los datos
// logging
http://docs.aws.amazon.com/AWSSdkDocsJava/latest//DeveloperGuide/java-dg-logging.html
// Access
// Creo un Statement, al que le especifico que permita a todos los usuarios obtener los recursos de myBucketName
Statement allowPublicReadStatement = new Statement(Effect.Allow) // permito
.withPrincipals(Principal.AllUsers) // a todos los usuarios
.withActions(S3Actions.GetObject) // obtener recursos
.withResources(new S3ObjectResource(myBucketName, "*")); // todos
// instancio la Policy con el Statement creado
Policy policy = new Policy().withStatements(allowPublicReadStatement, restricn, kakaka,ollaa);
// le establezco al client la policy
s3Client.setBucketPolicy(myBucketName, policy.toJson());
agregado filtro ip y fecha..
Statement ....
.withConditions(
new Condition()
.withType("IpAddress")
.withConditionKey("aws:SourceIp")
.withValues("192.0.2.0/24", "203.0.113.0/24"),
new Condition()
.withType("DateLessThan")
.withConditionKey("aws:CurrentTime")
.withValues("2013-12-15T12:00:00Z") // ISO8601
)
Mas info aca
http://docs.aws.amazon.com/IAM/latest/UserGuide/AccessPolicyLanguage_ElementDescriptions.html#Condition
{
"Version": "2012-10-17",
"Id": "S3PolicyId1",
"Statement": [
{
"Sid": "IPAllow",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:*",
"Resource": "arn:aws:s3:::examplebucket/cartaporte123.pdf",
"Condition" : {
"DateLessThan": {
"aws:CurrentTime" : "2013-08-16T15:00:00Z"
},
"IpAddress" : {
"aws:SourceIp" : ["192.0.2.0/24", "203.0.113.0/24"]
} }
}
]
}
https://cartasporte.s3.amazonaws.com/50_9945130.pdf
vps: 107.170.14.224
threads: 186.148.128.21
* TESTEAR LA IMPLEMENTACION - SUBIR ALGUNAS CARTAS DE PORTE - PDF REALES DE EJEMPLO
AGREGAR EN GISTBOX GUIA AWS