Clojurians Log v2
Clojure programming
Channels
Apps
aws
http://status.aws.amazon.com/ https://www.expeditedssl.com/aws-in-plain-english
steveb8n 2019-03-22T08:52:38.067400Z
Q: has anyone got a sample of granting public read access to a file in S3 using https://github.com/cognitect-labs/aws-api? I canโt seem to get it right. Hereโs my best effort
(aws/invoke s3 {:op :PutObjectAcl
:request {:Bucket bucket
:Key "test.txt"
:AccessControlPolicy {:Grants [{:Grantee {:Type "Group"
:URI "<http://acs.amazonaws.com/groups/global/AllUsers>"}
:Permission "READ"}]}}})
ghadi 2019-03-22T12:51:45.067900Z
@steveb8n have you turned on request validation?
ghadi 2019-03-22T19:57:26.068600Z
{:paths ["src"]
:deps {org.clojure/clojure {:mvn/version "1.10.0"}
com.cognitect.aws/lambda {:mvn/version "705.2.402.0"}
com.cognitect.aws/api {:mvn/version "0.8.273"}
com.cognitect.aws/endpoints {:mvn/version "1.1.11.507"}}}
ghadi 2019-03-22T19:57:40.068800Z
(require '[cognitect.aws.client.api :as aws])
(def c (aws/client {:api :lambda}))
(aws/invoke c {:op :Invoke :request {:FunctionName "ghadiecstsks"}})
ghadi 2019-03-22T19:58:33.069400Z
I'm invoking the lambda without a body payload here
ghadi 2019-03-22T19:58:39.069700Z
but it takes :Payload too
ghadi 2019-03-22T19:59:22.070100Z
(aws/doc c :Invoke) shows you more
ghadi 2019-03-22T19:59:36.070300Z
-------------------------
Request
{:FunctionName string,
:InvocationType string,
:LogType string,
:ClientContext string,
:Payload blob,
:Qualifier string}
Required
[:FunctionName]
-------------------------
Response
{:StatusCode integer,
:FunctionError string,
:LogResult string,
:Payload blob,
:ExecutedVersion string}
ghadi 2019-03-22T19:59:39.070500Z
Pretty useful
2019-03-22T20:30:12.071600Z
does anyone have a favorite snippet for generating time limited signed s3 urls? generating those urls isn't really an api operation so I don't think aws-api covers it
alexmiller 2019-03-22T20:33:33.071800Z
I think it does actually
alexmiller 2019-03-22T20:34:33.072500Z
oh, maybe not time limited, not sure
2019-03-22T20:34:39.072700Z
https://github.com/cognitect-labs/aws-api/issues/5 also suggests it doesn't
ghadi 2019-03-22T20:36:26.073900Z
it doesn't but (@dchelimsky will shoot me for suggesting this) you could call some internal stuff within cognitect.aws.signers to assemble the url
ghadi 2019-03-22T20:36:49.074100Z
the actual 'spec' is here https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html
ghadi 2019-03-22T20:37:04.074500Z
https://docs.aws.amazon.com/AmazonS3/latest/API/images/sigV4-using-query-params.png
kulminaator 2019-03-23T20:48:32.080100Z
just as a personal note, i implemented the same thing for my own project to do aws requests, this is quite a mess of an idea ๐
ghadi 2019-03-22T21:08:53.075900Z
(aws/invoke c {:op :PutObjectAcl :request {:ACL "public-read" :Bucket "BUCKET" :Key "KEY"}})
2019-03-22T21:58:03.076400Z
> it doesn't but (@dchelimsky will shoot me for suggesting this) you could call some internal stuff within cognitect.aws.signers to assemble the url at your own risk ๐
steveb8n 2019-03-22T22:02:16.078300Z
@ghadi thanks. that worked immediately. I did have validation turned on. It was the end of my work day and my brain always slows down then. Appreciated ๐
2019-03-22T22:21:53.079800Z
2 hours with the spec to write a function to do it, so I guess the docs are good, but I do feel like my brain has been smeared over a flat surface to a thickness of about a quarter inch