book

Programming Amazon Web Services

Name: Programming Amazon Web Services
Author: James Murty
ISBN: 9780596551797

by James Murty

March 2008

Intermediate to advanced

604 pages

18h 38m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Programming Amazon Web Services
SPECIAL OFFER: Upgrade this ebook with O’Reilly
A Note Regarding Supplemental Files
Preface
What’s in This Book?
Ruby and Interactive Examples
Conventions Used in This Book
Using Code Examples
Safari® Enabled
How to Contact Us
Acknowledgments

1. Infrastructure in the Cloud
Amazon Web Services for InfrastructureSigning Up for Amazon Web Services
Thinking Like Amazon
Reality Check
Web Services Are Dependent on a Reliable NetworkAmazon Does Not Offer Service Level Agreements for All Its Web ServicesData Security and PrivacySpecialized Infrastructure RequirementsCommunication Channels for Fault Reporting and Resolution
Interfaces: REST and Query Versus SOAP
2. Interacting with Amazon Web Services
REST-Based APIsHTTP Requests and ResponsesREST and Query APIsXML DocumentsInterpreting XML documents with XPathHierarchical object structuresBuilding XML documentsHandlingService Errors
User Authentication
Request DescriptionsSigning Request DescriptionsCommon Service Properties
Performing AWS Requests
REST API ImplementationSending REST requestsRequest authenticationQuery API ImplementationRequest parametersSending query requestsRequest descriptionUtility MethodsTime adjustmentsBase-64 encodingDebug logging
3. S3: Simple Storage Service
S3 OverviewS3 ArchitecturePricing
Interacting with S3
REST APIS3 Implementation StubConstructing S3 URIs
Buckets
Bucket LocationsBucket NamesCreate a BucketLook Up a Bucket’s LocationList Your BucketsDelete a Bucket
Objects
Object Keys and Hierarchical NamingObject MetadataObjects Are ImmutableCreate or Replace an ObjectRetrieving ObjectsRetrieving Objects ConditionallyListing ObjectsObject detailsTruncated listingsSearchingListing parametersListing implementationDemonstrating object searchingDeleting ObjectsCreate Objects from a Web Browser Using POSTHTML form for S3 POSTPolicy Document for S3 POSTGenerate a policy documentGenerate a form
Alternative Hostnames
Access Control Lists
ACL GranteesACL PermissionsRetrieve a Resource’s ACLUpdate a Resource’s ACLCanned Access PoliciesUpdate a Resource’s Canned ACL
Server Access Logging (Beta)
Configuring Server Access LoggingLogging FilesRetrieve Logging SettingsModify Logging SettingsAccess Permissions for Logging
Signed URIs
Distributing Objects with BitTorrent
4. S3 Applications
Share Large Files
Online Backup with AWS::S3
AWS::S3 Ruby LibraryS3Backup ClassList Backed-Up ObjectsFind Files to Back UpBack Up FilesDelete Obsolete ObjectsPutting It All TogetherContent-Length Workaround
S3 Filesystem with ElasticDrive
ChallengesElasticDrive: S3 As a Virtual Block DeviceSetup and configuration
Mediated Access to S3 with JetS3t
JetS3t GatekeeperDeploy the Gatekeeper servletConfigure and test Cockpit LiteAuthorization with HTTP BasicCustomizable authorization modulesImplement a custom authorization moduleNext steps
5. EC2: Elastic Compute Cloud (Beta)
EC2 OverviewEC2 InstancesAMIsThe EC2 EnvironmentPricing
Interacting with EC2
Query APIEC2 Implementation Stub
Keypairs
List KeypairsCreate a KeypairDelete a Keypair
Network Security by IP
Allow IP Traffic
Finding Amazon Machine Images
List Available AMIs
Controlling Instances
Stop Running InstancesStarting InstancesList Running Instances
Log In to an Instance
Security Groups
List Security GroupsCreating Security GroupsDeleting Security GroupsAllow Traffic from EC2 GroupsAllow group trafficDisallow Traffic by IP or Group
Managing and Sharing AMIs
Register an AMIDeregistering an AMIModify Image AttributesDescribe Image AttributesReset AMI AttributesConfirm an Instance’s Product Code
Console Output and Instance Reboot
Console Output SnapshotReboot Running Instances
6. Using EC2 Instances and Images
EC2 Instances in DetailLinux KernelNetwork AddressingDynamic addressing issuesInstance DataInstance data versioningInstance MetadataInstance user dataPerformance
Data Management in EC2
Storage LocationsEphemeral Storage
Modifying an AMI
AMI Security AuditingInstall Amazon’s Bundling ToolsConfigure System ServicesBundling an Instance into an AMIUploading AMI Files to S3
Registering an AMI
Create an AMI from Scratch
Prepare the AMI FilesystemInstall Fedora 7 BaseConfigure NetworkingStartup ScriptsInstall Additional SoftwareCleanupBundle and Register Your AMI
7. EC2 Applications
Dynamic DNSDynDNS: Free Dynamic DNS ServiceEveryDNS.net
On-Demand VPN Server with OpenVPN
OpenVPN Security GroupStart an AMIInstall and Configure OpenVPN on an EC2 InstanceInstall and Configure OpenVPN on a Client ComputerNAT RoutingRun OpenVPN as a Service
Web Photo Album with Gallery 2
Launch an EC2 InstanceInstall an Apache Web Application StackInstall the Gallery 2 ApplicationData Backup to S3Restoring Data from S3Next Steps
8. SQS: Simple Queue Service
SQS OverviewSQS ArchitectureGuidelines for SQS ApplicationsThe Message Life CycleSQS Client RolesPricingAPI Version 2008-01-01Pricing for API version 2008-01-01Changes in API version 2008-01-01
Interacting with SQS
Query APISQS Implementation Stub
Queues
Create a QueueList QueuesDeleting Queues
Messages
Sending MessagesReceiving MessagesDeleting MessagesPeeking at a MessageControlling the Visibility of Messages
Queue Attributes
Retrieve Queue AttributesModify Queue Attributes
Queue Access Control
GranteesPermissionsListing a Queue’s Access Control SettingsAdd an Access Control RuleRevoke an Access Control Rule
9. SQS Applications
Messaging SimulatorCode StubSimulator ReceiverTest the receiverRunning SimulationsSimulation ScenariosGetting startedSimple simulationChecking efficiencyMultiple batches
Distributed Application Services with BOTO
The Boto Services FrameworkArchitectureServicesMessage queuesMessage formatStart service scriptToward a Generic ServiceMessage formatMultiCommandServiceVisibilityThreadBootstrap Service StartupBuilding a Distributed ApplicationCreate a custom service instanceBundle the service instance to an AMITesting the MultiCommandServiceImageMagick examplesFFmpeg example
Automated Management of EC2 Instance Pools with Lifeguard
Estimating LoadManaging the PoolInstallation and TestingManaging a Pool of MultiCommandService InstancesStatus notifications from MultiCommandServiceA pool manager compatible with MultiCommandService AMIsConfiguring LifeguardAutomation achieved
10. FPS: Flexible Payments Service (Beta)
FPS OverviewTransaction ParticipantsTransaction Walk-ThroughAmazon Payments AccountsPayment Instructions and TokensThe Co-branded UI (CBUI) PipelineBrandingHandling responsesPayment MethodsPricing
Interacting with FPS
Production and Sandbox EnvironmentsQuery APIFPS Implementation StubService Response MessagesCommon fieldsService errorsIdempotent Transactions
Managing Your Tokens
Gatekeeper Language BasicsInstall Payment Instructions (Create a Token)View Installed Payment InstructionsRetrieve a TokenList the Tokens in Your AccountCancel a TokenView a Token’s Usage Limits
Acquiring Third-Party Tokens
Generating CBUI Request URIsInterpreting CBUI Result URIsVerifying a CBUI result URIUsing a web browser to obtain CBUI resultsUsing a simple web server to interpret CBUI resultsAcquire a SingleUse Sender TokenAcquire a Multiuse Sender TokenAcquire a Recurring Sender TokenAllow a Third Party to Modify a Token
Pay Now Widgets
The Anatomy of a Pay Now WidgetGenerate a Pay Now HTML FormInterpreting Pay Now Widget Result URIs
11. FPS Transactions and Accounts
Performing FPS TransactionsTransaction FeesTransaction ReferencesPerform a PaymentRetrieve Transaction DetailsHandling Transaction ResultsRetry a Declined TransactionGet ResultsDiscard ResultsPerform a RefundReserve Credit Card FundsSettle a Reserved Transaction
Account Management and Information
Retrieve Your Account BalanceAccount Activity
12. FPS Advanced Topics
Gatekeeper Language GuideHow FPS Evaluates Gatekeeper RulesSample Gatekeeper DocumentsCaller instructionsRecipient instructionsRefund sender instructionsSender instructionsSender statements for MultiUse or Recurring tokensGatekeeper Language SyntaxAssertionsAssignmentsValue expressionsGatekeeper VariablesPrivate variablesGlobal variables
Micropayments with FPS
Drawbacks of Micropayment InstrumentsThe Prepaid Payment InstrumentAcquire a Prepaid TokenFund a prepaid instrumentRetrieve balanceRetrieve liabilityList your prepaid instrumentsPostpaid Payment InstrumentAcquire a postpaid tokenRetrieve debt balanceRetrieve outstanding debt balanceSettle debtWriteOffDebtList your postpaid instruments
Building a Marketplace Application
Charging Fees for Access to Your MarketplaceAcquire a Recipient Token
Subscribing to FPS Event Notifications
Subscribe to NotificationsUnsubscribe from Notifications
13. SimpleDB (Beta)
SimpleDB OverviewA Simple Database, Not an RDBMSPricing
Interacting with SimpleDB
Query APISimpleDB Implementation StubService Response Messages
Domains
Create a DomainList Your DomainsDelete a Domain
Items and Attributes
Attribute ParametersRetrieve an Item’s AttributesCreate or Update an ItemDelete an Item’s Attributes
Representing Data in SimpleDB
Boolean EncodingDate EncodingInteger EncodingFloat EncodingAutomated Encoding and Decoding of Values
Performing Queries
Perform a SimpleDB QuerySimpleDB Query Expression SyntaxPredicatesPredicate operatorsSet operations
Stock Price Database: A Mini SimpleDB Application
Obtain Historic Stock Price DataLoad Stocks Data into SimpleDBQuery and Retrieve Stock DataCaching SimpleDB with Memcached
A. AWS Resources
AWS Online ResourcesAmazon DevPay (Limited Beta)
Client Tools
Multiple ServicesS3EC2
API Libraries
Multiple ServicesS3EC2SQS
Third-Party AWS Solutions
Multiple ServicesS3EC2FPS
B. AWS API Error Codes
S3: Simple Storage Service
EC2: Elastic Compute Cloud
SQS: Simple Queue Service
FPS: Flexible Payments Service
SimpleDB
Index
About the Author
Colophon
SPECIAL OFFER: Upgrade this ebook with O’Reilly

Content preview from Programming Amazon Web Services

Mediated Access to S3 with JetS3t

The S3 service can be a very effective platform for sharing information, when its simple access control mechanisms meet your needs; but the level of control possible with the service’s ACL settings may not always be sufficient. Some scenarios are difficult or impossible to achieve with ACL settings alone, such as if you wish to make your S3 storage available to your customers or colleagues to use when they do not have their own AWS account. In such cases you may need to provide your own intermediate service to mediate access to your S3 storage.

In this section we will demonstrate how to use tools available in the JetS3t Java library to mediate third-party access to your S3 storage. These tools include a client-side application, for interacting with S3 to upload and download files, and a server-side Gatekeeper component that decides whether the client, or user, should be authorized to perform these operations.

Note

Disclaimer: The JetS3t project was created by the author of this book.

There are a number of ways you could share your S3 storage with others. Let us take a look at a few of the options to see why we think the JetS3t tools are worth considering.

Public write permission via an ACL: The simplest way to allow third parties to upload files to your S3 buckets is to grant write permission to the general public. If you apply this ACL setting, anyone with S3 client software can upload files into the bucket and replace or delete existing objects. This ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9780596515812Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Programming Amazon Web Services

by James Murty

Mediated Access to S3 with JetS3t

Note

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.