Commit 9092c28

authored

Java V2 Add Cloud Front examples (#7543)

* test the files in this PR * updated the Readme

1 parent 3e54899 commit 9092c28Copy full SHA for 9092c28

File tree

8 files changed

+594

-4

lines changed

.doc_gen/metadata
- cloudfront_metadata.yaml
javav2/example_code/cloudfront
- README.md
- pom.xml
- src
  - main
    - java/com/example/cloudfront
    - resources
      - config.properties
  - test/java
    - SaaSManagerTest.java

8 files changed

+594

-4

lines changed

`‎.doc_gen/metadata/cloudfront_metadata.yaml‎`

Lines changed: 50 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -80,6 +80,56 @@ cloudfront_CreateDistribution:`
`80`	`80`	`- cloudfront.java2.createdistribution.main`
`81`	`81`	`services:`
`82`	`82`	`cloudfront: {CreateDistribution}`
	`83`	`+cloudfront_CreateSaasResources:`
	`84`	`+ title: Create SaaS manager resources &AWS; SDK`
	`85`	`+ title_abbrev: Create a multi-tenant distribution and distribution tenant`
	`86`	`+ synopsis: create a multi-tenant distribution and distribution tenant with various configurations.`
	`87`	`+ category: Scenarios`
	`88`	`+ languages:`
	`89`	`+ Java:`
	`90`	`+ versions:`
	`91`	`+ - sdk_version: 2`
	`92`	`+ github: javav2/example_code/cloudfront`
	`93`	`+ sdkguide:`
	`94`	`+ excerpts:`
	`95`	`+ - description: >-`
	`96`	`+ The following example demonstrates how to create a multi-tenant distribution with parameters and wildcard certificate.`
	`97`	`+ snippet_tags:`
	`98`	`+ - cloudfront.java2.createmultitenantdistribution.import`
	`99`	`+ - cloudfront.java2.createmultitenantdistribution.main`
	`100`	`+ - description: >-`
	`101`	`+ The following example demonstrates how to create a distribution tenant associated with that template, including utilizing the parameter we declared above. Note that we don't need to add certificate info here because our domain is already covered by the parent template.`
	`102`	`+ snippet_tags:`
	`103`	`+ - cloudfront.java2.createdistributiontenant.import`
	`104`	`+ - cloudfront.java2.createdistributiontenant.title`
	`105`	`+ - cloudfront.java2.createdistributiontenant.nocert`
	`106`	`+ - cloudfront.java2.createdistributiontenant.closebrace`
	`107`	`+ - description: >-`
	`108`	`+ If the viewer certificate was omitted from the parent template, you would need to add certificate info on the tenant(s) associated with it instead.`
	`109`	`+ The following example demonstrates how to do so via an ACM certificate arn that covers the necessary domain for the tenant.`
	`110`	`+ snippet_tags:`
	`111`	`+ - cloudfront.java2.createdistributiontenant.import`
	`112`	`+ - cloudfront.java2.createdistributiontenant.title`
	`113`	`+ - cloudfront.java2.createdistributiontenant.withcert`
	`114`	`+ - cloudfront.java2.createdistributiontenant.closebrace`
	`115`	`+ - description: >-`
	`116`	`+ The following example demonstrates how to do so with a CloudFront-hosted managed certificate request. This is ideal if you don't already have traffic towards your domain.`
	`117`	`+ In this case, we create a ConnectionGroup to generate a RoutingEndpoint. Then we use that RoutingEndpoint to create DNS records which verify domain ownership and point to CloudFront. CloudFront will then automatically serve a token to validate domain ownership and create a managed certificate.`
	`118`	`+ snippet_tags:`
	`119`	`+ - cloudfront.java2.createdistributiontenant.import`
	`120`	`+ - cloudfront.java2.createdistributiontenant.title`
	`121`	`+ - cloudfront.java2.createdistributiontenant.cfhosted`
	`122`	`+ - cloudfront.java2.createdistributiontenant.closebrace`
	`123`	`+ - description: >-`
	`124`	`+ The following example demonstrates how to do so with a self-hosted managed certificate request. This is ideal if you have traffic towards your domain and can't tolerate downtime during a migration.`
	`125`	`+ At the end of this example, the Tenant will be created in a state awaiting domain validation and DNS setup. Follow steps [here](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/managed-cloudfront-certificates.html#complete-domain-ownership) to complete setup when you are ready to migrate traffic.`
	`126`	`+ snippet_tags:`
	`127`	`+ - cloudfront.java2.createdistributiontenant.import`
	`128`	`+ - cloudfront.java2.createdistributiontenant.title`
	`129`	`+ - cloudfront.java2.createdistributiontenant.selfhosted`
	`130`	`+ - cloudfront.java2.createdistributiontenant.closebrace`
	`131`	`+ services:`
	`132`	`+ cloudfront: {CreateDistribution, CreateDistributionTenant}`
`83`	`133`	`cloudfront_CreateKeyGroup:`
`84`	`134`	`languages:`
`85`	`135`	`Java:`

`‎javav2/example_code/cloudfront/README.md‎`

Lines changed: 14 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -45,6 +45,7 @@ Code excerpts that show you how to call individual service functions.`
`45`	`45`	`Code examples that show you how to accomplish a specific task by calling multiple`
`46`	`46`	`functions within the same service.`
`47`	`47`
	`48`	`+- [Create a multi-tenant distribution and distribution tenant](src/main/java/com/example/cloudfront/CreateMultiTenantDistribution.java)`
`48`	`49`	`- [Delete signing resources](src/main/java/com/example/cloudfront/DeleteSigningResources.java)`
`49`	`50`	`- [Sign URLs and cookies](src/main/java/com/example/cloudfront/CreateCannedPolicyRequest.java)`
`50`	`51`
`@@ -62,6 +63,18 @@ functions within the same service.`
`62`	`63`
`63`	`64`
`64`	`65`
	`66`	`+#### Create a multi-tenant distribution and distribution tenant`
	`67`	`+`
	`68`	`+This example shows you how to create a multi-tenant distribution and distribution tenant with various configurations.`
	`69`	`+`
	`70`	`+`
	`71`	`+<!--custom.scenario_prereqs.cloudfront_CreateSaasResources.start-->`
	`72`	`+<!--custom.scenario_prereqs.cloudfront_CreateSaasResources.end-->`
	`73`	`+`
	`74`	`+`
	`75`	`+<!--custom.scenarios.cloudfront_CreateSaasResources.start-->`
	`76`	`+<!--custom.scenarios.cloudfront_CreateSaasResources.end-->`
	`77`	`+`
`65`	`78`	`#### Delete signing resources`
`66`	`79`
`67`	`80`	`This example shows you how to delete resources that are used to gain access to restricted content in an Amazon Simple Storage Service (Amazon S3) bucket.`
@@ -112,4 +125,4 @@ in the `javav2` folder.
`112`	`125`
`113`	`126`	`Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.`
`114`	`127`
`115`		`-SPDX-License-Identifier: Apache-2.0`
	`128`	`+SPDX-License-Identifier: Apache-2.0`

`‎javav2/example_code/cloudfront/pom.xml‎`

Lines changed: 6 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -26,7 +26,7 @@`
`26`	`26`	`<plugin>`
`27`	`27`	`<groupId>org.apache.maven.plugins</groupId>`
`28`	`28`	`<artifactId>maven-surefire-plugin</artifactId>`
`29`		`- <version>3.5.2</version>`
	`29`	`+ <version>3.5.3</version>`
`30`	`30`	`</plugin>`
`31`	`31`	`</plugins>`
`32`	`32`	`</build>`
`@@ -35,7 +35,7 @@`
`35`	`35`	`<dependency>`
`36`	`36`	`<groupId>software.amazon.awssdk</groupId>`
`37`	`37`	`<artifactId>bom</artifactId>`
`38`		`- <version>2.31.8</version>`
	`38`	`+ <version>2.31.78</version>`
`39`	`39`	`<type>pom</type>`
`40`	`40`	`<scope>import</scope>`
`41`	`41`	`</dependency>`
`@@ -67,6 +67,10 @@`
`67`	`67`	`<groupId>software.amazon.awssdk</groupId>`
`68`	`68`	`<artifactId>s3control</artifactId>`
`69`	`69`	`</dependency>`
	`70`	`+ <dependency>`
	`71`	`+ <groupId>software.amazon.awssdk</groupId>`
	`72`	`+ <artifactId>route53</artifactId>`
	`73`	`+ </dependency>`
`70`	`74`	`<dependency>`
`71`	`75`	`<groupId>software.amazon.awssdk</groupId>`
`72`	`76`	`<artifactId>iam</artifactId>`

`‎javav2/example_code/cloudfront/src/main/java/com/example/cloudfront/CreateDistributionTenant.java‎`

Lines changed: 182 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,182 @@`
	`1`	`+// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.`
	`2`	`+// SPDX-License-Identifier: Apache-2.0`
	`3`	`+`
	`4`	`+package com.example.cloudfront;`
	`5`	`+`
	`6`	`+// snippet-start:[cloudfront.java2.createdistributiontenant.import]`
	`7`	`+`
	`8`	`+import software.amazon.awssdk.services.cloudfront.CloudFrontClient;`
	`9`	`+import software.amazon.awssdk.services.cloudfront.model.CreateConnectionGroupResponse;`
	`10`	`+import software.amazon.awssdk.services.cloudfront.model.CreateDistributionTenantResponse;`
	`11`	`+import software.amazon.awssdk.services.cloudfront.model.DistributionTenant;`
	`12`	`+import software.amazon.awssdk.services.cloudfront.model.GetConnectionGroupResponse;`
	`13`	`+import software.amazon.awssdk.services.cloudfront.model.ValidationTokenHost;`
	`14`	`+import software.amazon.awssdk.services.route53.Route53Client;`
	`15`	`+import software.amazon.awssdk.services.route53.model.RRType;`
	`16`	`+`
	`17`	`+import java.time.Instant;`
	`18`	`+// snippet-end:[cloudfront.java2.createdistributiontenant.import]`
	`19`	`+`
	`20`	`+// snippet-start:[cloudfront.java2.createdistributiontenant.title]`
	`21`	`+public class CreateDistributionTenant {`
	`22`	`+// snippet-end:[cloudfront.java2.createdistributiontenant.title]`
	`23`	`+// snippet-start:[cloudfront.java2.createdistributiontenant.nocert]`
	`24`	`+ public static DistributionTenant createDistributionTenantNoCert(CloudFrontClient cloudFrontClient,`
	`25`	`+ Route53Client route53Client,`
	`26`	`+ String distributionId,`
	`27`	`+ String domain,`
	`28`	`+ String hostedZoneId) {`
	`29`	`+ CreateDistributionTenantResponse createResponse = cloudFrontClient.createDistributionTenant(builder -> builder`
	`30`	`+ .distributionId(distributionId)`
	`31`	`+ .domains(b1 -> b1`
	`32`	`+ .domain(domain))`
	`33`	`+ .parameters(b2 -> b2`
	`34`	`+ .name("tenantName")`
	`35`	`+ .value("myTenant"))`
	`36`	`+ .enabled(false)`
	`37`	`+ .name("no-cert-tenant")`
	`38`	`+ );`
	`39`	`+`
	`40`	`+ final DistributionTenant distributionTenant = createResponse.distributionTenant();`
	`41`	`+`
	`42`	`+ // Then update the Route53 hosted zone to point your domain at the distribution tenant`
	`43`	`+ // We fetch the RoutingEndpoint to point to via the default connection group that was created for your tenant`
	`44`	`+ final GetConnectionGroupResponse fetchedConnectionGroup = cloudFrontClient.getConnectionGroup(builder -> builder`
	`45`	`+ .identifier(distributionTenant.connectionGroupId()));`
	`46`	`+`
	`47`	`+ route53Client.changeResourceRecordSets(builder -> builder`
	`48`	`+ .hostedZoneId(hostedZoneId)`
	`49`	`+ .changeBatch(b1 -> b1`
	`50`	`+ .comment("ChangeBatch comment")`
	`51`	`+ .changes(b2 -> b2`
	`52`	`+ .resourceRecordSet(b3 -> b3`
	`53`	`+ .name(domain)`
	`54`	`+ .type("CNAME")`
	`55`	`+ .ttl(300L)`
	`56`	`+ .resourceRecords(b4 -> b4`
	`57`	`+ .value(fetchedConnectionGroup.connectionGroup().routingEndpoint())))`
	`58`	`+ .action("CREATE"))`
	`59`	`+ ));`
	`60`	`+ return distributionTenant;`
	`61`	`+ }`
	`62`	`+// snippet-end:[cloudfront.java2.createdistributiontenant.nocert]`
	`63`	`+`
	`64`	`+// snippet-start:[cloudfront.java2.createdistributiontenant.withcert]`
	`65`	`+ public static DistributionTenant createDistributionTenantWithCert(CloudFrontClient cloudFrontClient,`
	`66`	`+ Route53Client route53Client,`
	`67`	`+ String distributionId,`
	`68`	`+ String domain,`
	`69`	`+ String hostedZoneId,`
	`70`	`+ String certificateArn) {`
	`71`	`+ CreateDistributionTenantResponse createResponse = cloudFrontClient.createDistributionTenant(builder -> builder`
	`72`	`+ .distributionId(distributionId)`
	`73`	`+ .domains(b1 -> b1`
	`74`	`+ .domain(domain))`
	`75`	`+ .enabled(false)`
	`76`	`+ .name("tenant-with-cert")`
	`77`	`+ .parameters(b2 -> b2`
	`78`	`+ .name("tenantName")`
	`79`	`+ .value("myTenant"))`
	`80`	`+ .customizations(b3 -> b3`
	`81`	`+ .certificate(b4 -> b4`
	`82`	`+ .arn(certificateArn))) // NOTE: Cert must be in Us-East-1 and cover the domain provided in this request`
	`83`	`+`
	`84`	`+ );`
	`85`	`+`
	`86`	`+ final DistributionTenant distributionTenant = createResponse.distributionTenant();`
	`87`	`+`
	`88`	`+ // Then update the Route53 hosted zone to point your domain at the distribution tenant`
	`89`	`+ // We fetch the RoutingEndpoint to point to via the default connection group that was created for your tenant`
	`90`	`+ final GetConnectionGroupResponse fetchedConnectionGroup = cloudFrontClient.getConnectionGroup(builder -> builder`
	`91`	`+ .identifier(distributionTenant.connectionGroupId()));`
	`92`	`+`
	`93`	`+ route53Client.changeResourceRecordSets(builder -> builder`
	`94`	`+ .hostedZoneId(hostedZoneId)`
	`95`	`+ .changeBatch(b1 -> b1`
	`96`	`+ .comment("ChangeBatch comment")`
	`97`	`+ .changes(b2 -> b2`
	`98`	`+ .resourceRecordSet(b3 -> b3`
	`99`	`+ .name(domain)`
	`100`	`+ .type("CNAME")`
	`101`	`+ .ttl(300L)`
	`102`	`+ .resourceRecords(b4 -> b4`
	`103`	`+ .value(fetchedConnectionGroup.connectionGroup().routingEndpoint())))`
	`104`	`+ .action("CREATE"))`
	`105`	`+ ));`
	`106`	`+ return distributionTenant;`
	`107`	`+ }`
	`108`	`+// snippet-end:[cloudfront.java2.createdistributiontenant.withcert]`
	`109`	`+`
	`110`	`+// snippet-start:[cloudfront.java2.createdistributiontenant.cfhosted]`
	`111`	`+ public static DistributionTenant createDistributionTenantCfHosted(CloudFrontClient cloudFrontClient,`
	`112`	`+ Route53Client route53Client,`
	`113`	`+ String distributionId,`
	`114`	`+ String domain,`
	`115`	`+ String hostedZoneId) throws InterruptedException {`
	`116`	`+ CreateConnectionGroupResponse createConnectionGroupResponse = cloudFrontClient.createConnectionGroup(builder -> builder`
	`117`	`+ .ipv6Enabled(true)`
	`118`	`+ .name("cf-hosted-connection-group")`
	`119`	`+ .enabled(true));`
	`120`	`+`
	`121`	`+ route53Client.changeResourceRecordSets(builder -> builder`
	`122`	`+ .hostedZoneId(hostedZoneId)`
	`123`	`+ .changeBatch(b1 -> b1`
	`124`	`+ .comment("cf-hosted domain validation record")`
	`125`	`+ .changes(b2 -> b2`
	`126`	`+ .resourceRecordSet(b3 -> b3`
	`127`	`+ .name(domain)`
	`128`	`+ .type(RRType.CNAME)`
	`129`	`+ .ttl(300L)`
	`130`	`+ .resourceRecords(b4 -> b4`
	`131`	`+ .value(createConnectionGroupResponse.connectionGroup().routingEndpoint())))`
	`132`	`+ .action("CREATE"))`
	`133`	`+ ));`
	`134`	`+`
	`135`	`+ // Give the R53 record time to propagate, if it isn't being returned by servers yet, the following call will fail`
	`136`	`+ Thread.sleep(60000);`
	`137`	`+`
	`138`	`+ CreateDistributionTenantResponse createResponse = cloudFrontClient.createDistributionTenant(builder -> builder`
	`139`	`+ .distributionId(distributionId)`
	`140`	`+ .domains(b1 -> b1`
	`141`	`+ .domain(domain))`
	`142`	`+ .connectionGroupId(createConnectionGroupResponse.connectionGroup().id())`
	`143`	`+ .enabled(false)`
	`144`	`+ .name("cf-hosted-tenant")`
	`145`	`+ .parameters(b2 -> b2`
	`146`	`+ .name("tenantName")`
	`147`	`+ .value("myTenant"))`
	`148`	`+ .managedCertificateRequest(b3 -> b3`
	`149`	`+ .validationTokenHost(ValidationTokenHost.CLOUDFRONT)`
	`150`	`+ )`
	`151`	`+ );`
	`152`	`+`
	`153`	`+ return createResponse.distributionTenant();`
	`154`	`+ }`
	`155`	`+// snippet-end:[cloudfront.java2.createdistributiontenant.cfhosted]`
	`156`	`+`
	`157`	`+// snippet-start:[cloudfront.java2.createdistributiontenant.selfhosted]`
	`158`	`+ public static DistributionTenant createDistributionTenantSelfHosted(CloudFrontClient cloudFrontClient,`
	`159`	`+ String distributionId,`
	`160`	`+ String domain) {`
	`161`	`+ CreateDistributionTenantResponse createResponse = cloudFrontClient.createDistributionTenant(builder -> builder`
	`162`	`+ .distributionId(distributionId)`
	`163`	`+ .domains(b1 -> b1`
	`164`	`+ .domain(domain))`
	`165`	`+ .parameters(b2 -> b2`
	`166`	`+ .name("tenantName")`
	`167`	`+ .value("myTenant"))`
	`168`	`+ .enabled(false)`
	`169`	`+ .name("self-hosted-tenant")`
	`170`	`+ .managedCertificateRequest(b3 -> b3`
	`171`	`+ .validationTokenHost(ValidationTokenHost.SELF_HOSTED)`
	`172`	`+ .primaryDomainName(domain)`
	`173`	`+ )`
	`174`	`+ );`
	`175`	`+`
	`176`	`+ return createResponse.distributionTenant();`
	`177`	`+ }`
	`178`	`+// snippet-end:[cloudfront.java2.createdistributiontenant.selfhosted]`
	`179`	`+`
	`180`	`+// snippet-start:[cloudfront.java2.createdistributiontenant.closebrace]`
	`181`	`+}`
	`182`	`+// snippet-end:[cloudfront.java2.createdistributiontenant.closebrace]`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit 9092c28

File tree

8 files changed

8 files changed

`‎.doc_gen/metadata/cloudfront_metadata.yaml‎`

`‎javav2/example_code/cloudfront/README.md‎`

`‎javav2/example_code/cloudfront/pom.xml‎`

`‎javav2/example_code/cloudfront/src/main/java/com/example/cloudfront/CreateDistributionTenant.java‎`

0 commit comments