DataFlex
DataFlex
Amazon Glacier Set Vault Access Policy
See more Amazon Glacier Examples
Demonstrates how to set an access policy for a vault (will overwrite the existing policy).Chilkat DataFlex Downloads
Use ChilkatAx-win32.pkg
Procedure Test
Boolean iSuccess
Handle hoRest
Boolean iBTls
Integer iPort
Boolean iBAutoReconnect
Variant vAuthAws
Handle hoAuthAws
Policy Handle hoJsonPolicy
Handle hoJson
Variant vSbRequestBody
Handle hoSbRequestBody
Variant vSbResponseBody
Handle hoSbResponseBody
Integer iRespStatusCode
String sTemp1
Move False To iSuccess
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
Get Create (RefClass(cComChilkatRest)) To hoRest
If (Not(IsComObjectCreated(hoRest))) Begin
Send CreateComObject of hoRest
End
// Connect to the Amazon AWS REST server in the desired region.
Move True To iBTls
Move 443 To iPort
Move True To iBAutoReconnect
Get ComConnect Of hoRest "glacier.us-west-2.amazonaws.com" iPort iBTls iBAutoReconnect To iSuccess
// Provide AWS credentials.
Get Create (RefClass(cComChilkatAuthAws)) To hoAuthAws
If (Not(IsComObjectCreated(hoAuthAws))) Begin
Send CreateComObject of hoAuthAws
End
Set ComAccessKey Of hoAuthAws To "AWS_ACCESS_KEY"
Set ComSecretKey Of hoAuthAws To "AWS_SECRET_KEY"
Set ComServiceName Of hoAuthAws To "glacier"
Set ComRegion Of hoAuthAws To "us-west-2"
Get pvComObject of hoAuthAws to vAuthAws
Get ComSetAuthAws Of hoRest vAuthAws To iSuccess
// --------------------------------------------------------------------------
// Note: The above REST connection and setup of the AWS credentials
// can be done once. After connecting, any number of REST calls can be made.
// The "auto reconnect" property passed to rest.Connect indicates that if
// the connection is lost, a REST method call will automatically reconnect
// if needed.
// --------------------------------------------------------------------------
// For more information, see Glacier Set Vault Access Policy Reference Documentation
//
Get ComAddHeader Of hoRest "x-amz-glacier-version" "2012-06-01" To iSuccess
// Create the following JSON
// Use this online tool to generate the code from sample JSON:
// Generate Code to Create JSON
// {
// "Version": "2012-10-17",
// "Statement": [
// {
// "Sid": "Define-owner-access-rights",
// "Effect": "Allow",
// "Principal": {
// "AWS": "arn:aws:iam::AWS_ACCOUNT_ID:root"
// },
// "Action": "glacier:DeleteArchive",
// "Resource": "arn:aws:glacier:us-west-2:AWS_ACCOUNT_ID:vaults/chilkat"
// }
// ]
// }
Get Create (RefClass(cComChilkatJsonObject)) To hoJsonPolicy
If (Not(IsComObjectCreated(hoJsonPolicy))) Begin
Send CreateComObject of hoJsonPolicy
End
Get ComUpdateString Of hoJsonPolicy "Version" "2012-10-17" To iSuccess
Get ComUpdateString Of hoJsonPolicy "Statement[0].Sid" "Define-owner-access-rights" To iSuccess
Get ComUpdateString Of hoJsonPolicy "Statement[0].Effect" "Allow" To iSuccess
Get ComUpdateString Of hoJsonPolicy "Statement[0].Principal.AWS" "arn:aws:iam::AWS_ACCOUNT_ID:root" To iSuccess
Get ComUpdateString Of hoJsonPolicy "Statement[0].Action" "glacier:DeleteArchive" To iSuccess
// Notice here the name of the vault: "chilkat". Change it to your vault name. Also use your actual AWS account ID.
Get ComUpdateString Of hoJsonPolicy "Statement[0].Resource" "arn:aws:glacier:us-west-2:AWS_ACCOUNT_ID:vaults/chilkat" To iSuccess
// Wrap the above JSON in this JSON:
// {
// "Policy": "{ ... the above JSON ... }"
// }
Get Create (RefClass(cComChilkatJsonObject)) To hoJson
If (Not(IsComObjectCreated(hoJson))) Begin
Send CreateComObject of hoJson
End
Get ComEmit Of hoJsonPolicy To sTemp1
Get ComUpdateString Of hoJson "Policy" sTemp1 To iSuccess
Get Create (RefClass(cComChilkatStringBuilder)) To hoSbRequestBody
If (Not(IsComObjectCreated(hoSbRequestBody))) Begin
Send CreateComObject of hoSbRequestBody
End
Get pvComObject of hoSbRequestBody to vSbRequestBody
Get ComEmitSb Of hoJson vSbRequestBody To iSuccess
Get Create (RefClass(cComChilkatStringBuilder)) To hoSbResponseBody
If (Not(IsComObjectCreated(hoSbResponseBody))) Begin
Send CreateComObject of hoSbResponseBody
End
Get pvComObject of hoSbRequestBody to vSbRequestBody
Get pvComObject of hoSbResponseBody to vSbResponseBody
Get ComFullRequestSb Of hoRest "PUT" "/AWS_ACCOUNT_ID/vaults/chilkat/access-policy" vSbRequestBody vSbResponseBody To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoRest To sTemp1
Showln sTemp1
Procedure_Return
End
Get ComResponseStatusCode Of hoRest To iRespStatusCode
If (iRespStatusCode >= 400) Begin
Showln "Response Status Code = " iRespStatusCode
Showln "Response Header:"
Get ComResponseHeader Of hoRest To sTemp1
Showln sTemp1
Showln "Response Body:"
Get ComGetAsString Of hoSbResponseBody To sTemp1
Showln sTemp1
Procedure_Return
End
// Success is indicated by a 204 response status with an empty response body.
Showln "response status code = " iRespStatusCode
End_Procedure