[ aws . cloudfront ]
sign
--url <value>
--key-pair-id <value>
--private-key <value>
--date-less-than <value>
[--date-greater-than <value>]
[--ip-address <value>]
--url
(string)
The URL to be signed
--key-pair-id
(string)
The active CloudFront key pair Id for the key pair that you’re using to generate the signature.
--private-key
(string)
file://path/to/your/private-key.pem
--date-less-than
(string)
The expiration date and time for the URL. Supported formats include: YYYY-MM-DD (which means 0AM UTC of that day), YYYY-MM-DDThh:mm:ss (with default timezone as UTC), YYYY-MM-DDThh:mm:ss+hh:mm or YYYY-MM-DDThh:mm:ss-hh:mm (with offset), or EpochTime (which always means UTC). Do NOT use YYYYMMDD, because it will be treated as EpochTime.
--date-greater-than
(string)
An optional start date and time for the URL. Supported formats include: YYYY-MM-DD (which means 0AM UTC of that day), YYYY-MM-DDThh:mm:ss (with default timezone as UTC), YYYY-MM-DDThh:mm:ss+hh:mm or YYYY-MM-DDThh:mm:ss-hh:mm (with offset), or EpochTime (which always means UTC). Do NOT use YYYYMMDD, because it will be treated as EpochTime.
--ip-address
(string)
An optional IP address or IP address range to allow client making the GET request from. Format: x.x.x.x/x or x.x.x.x
See ‘aws help’ for descriptions of global parameters.
To sign a CloudFront URL
The following example signs a CloudFront URL. To sign a URL, you need the key pair ID (called the Access Key ID in the AWS Management Console) and the private key of the trusted signer’s CloudFront key pair. For more information about signed URLs, see Serving Private Content with Signed URLs and Signed Cookies in the Amazon CloudFront Developer Guide.
aws cloudfront sign \
--url https://d111111abcdef8.cloudfront.net/private-content/private-file.html \
--key-pair-id APKAEIBAERJR2EXAMPLE \
--private-key file://cf-signer-priv-key.pem \
--date-less-than 2020-01-01
Output:
https://d111111abcdef8.cloudfront.net/private-content/private-file.html?Expires=1577836800&Signature=nEXK7Kby47XKeZQKVc6pwkif6oZc-JWSpDkH0UH7EBGGqvgurkecCbgL5VfUAXyLQuJxFwRQWscz-owcq9KpmewCXrXQbPaJZNi9XSNwf4YKurPDQYaRQawKoeenH0GFteRf9ELK-Bs3nljTLjtbgzIUt7QJNKXcWr8AuUYikzGdJ4-qzx6WnxXfH~fxg4-GGl6l2kgCpXUB6Jx6K~Y3kpVOdzUPOIqFLHAnJojbhxqrVejomZZ2XrquDvNUCCIbePGnR3d24UPaLXG4FKOqNEaWDIBXu7jUUPwOyQCvpt-GNvjRJxqWf93uMobeMOiVYahb-e0KItiQewGcm0eLZQ__&Key-Pair-Id=APKAEIBAERJR2EXAMPLE