drugforge.data.services.aws.cloudfront.CloudFront

class drugforge.data.services.aws.cloudfront.CloudFront(domain_name: str, key_id: str, private_key_pem_path: PathLike)[source]

Bases: object

__init__(domain_name: str, key_id: str, private_key_pem_path: PathLike)[source]

Create an interface to AWS CloudFront.

Parameters:

domain_name – The domain name of the CloudFront Distribution to use.
key_id – The ID of the public key registered on CloudFront to use for signing URLs.
private_key_pem_path – Path to the private key, in PEM format, to use for signing. Must correspond to the public key registered on CloudFront under key_id.

Examples

Instantiate an instance of this class, corresponding to an existing CloudFront Distribution you have access to:

>>> cf = CloudFront('example123.cloudfront.net',
                    key_id='K2NIOFADFASNFK',
                    private_key_pem_path='./cloudfront_rsa')

Use the instance to generate a signed URL for an object hosted on the S3 bucket the Distribution serves, with an expiration of midnight on July 5, 2028:

>>> url = cf.generate_signed_url('path/within/bucket/to/object',
                                 expire=datetime(2028,7,5))

This url can then be used to access the object in the S3 bucket from anywhere, even though the bucket itself is private. Treat the URL with care, and distribute only where it is needed for users that should have access to the object.

Methods

`__init__`(domain_name, key_id, ...)	Create an interface to AWS CloudFront.
`from_settings`(settings)	Create an interface to AWS CloudFront from a `CloudfrontSettings` object.
`generate_signed_url`(object_path, expire)	Generate a signed URL for a given object hosted on S3, served through CloudFront.

classmethod from_settings(settings)[source]

Create an interface to AWS CloudFront from a CloudfrontSettings object.

Parameters:: settings – A CloudfrontSettings object.
Returns:: CloudFront interface object.
Return type:: CloudFront

generate_signed_url(object_path: str, expire: datetime)[source]

Generate a signed URL for a given object hosted on S3, served through CloudFront.

Parameters:

object_path – The path of the target object within its S3 bucket. No leading slash.
expire – Expiration datetime of the signed URL. Can be set arbitrarily far into the future. A signed URL with an expire datetime in the past is no longer valid for use.