我目前正在使用AWS Cloudfront自定义策略来创建签名的URL。问题是资源密钥(s3存储桶中的对象)似乎无法包含通配符。它适用于单个资源密钥。请找到代码片段。任何帮助,将不胜感激。
<?php
use Aws\CloudFront\CloudFrontClient;
$cloudfront = new CloudFrontClient([
'region' => 'xx-xxxx-x',
'version' => 'latest',
]);
$organization_id = (string)$_SESSION['organization_id'];
$baseurl = 'https://xxxxxxxxxxxxxx.xxxxxxxxxx.xxx/folder1/';
$resourceKey = '/folder2/folder3/file1.csv';
//$resourceKey = '/folder2/folder3/*';
$url = $baseurl.$organization_id.$resourceKey;
$expires = time() + 14400;
$customSigningPolicy = <<<POLICY
{
"Statement": [
{
"Resource": "{$url}",
"Condition": {
"DateLessThan": {"AWS:EpochTime": {$expires}}
}
}
]
}
POLICY;
$signedUrl = $cloudfront->getSignedUrl([
'url' => $url,
'policy' => $customSigningPolicy,
'key_pair_id' => 'XXXXXXXXXXXXXXXXXXXX',
'private_key' => './pk-XXXXXXXXXXXXXXXXXXXX.pem'
]);
echo $signedUrl;
?>