(Objective-C) S3 Get Bucket Policy

Demonstrates how to send a GET request to fetch the policy of a specified bucket. The following information is quoted from the AWS REST API reference documentation at http://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETpolicy.html

To use this operation, you must have GetPolicy permissions on the specified bucket, and you must be the bucket owner.

If you don't have GetPolicy permissions, Amazon S3 returns a 403 Access Denied error. If you have the correct permissions, but you're not the bucket owner, Amazon S3 returns a 405 Method Not Allowed error. If the bucket does not have a policy, Amazon S3 returns a 404 Policy Not found error. There are restrictions about who can create bucket policies and which objects in a bucket they can apply to. For more information, go to Using Bucket Policies.

Important: This example requires Chilkat v9.5.0.66 or greater.

Chilkat Objective-C Library Downloads MAC OS X (Cocoa) Libs iOS Libs

#import <CkoRest.h>
#import <CkoAuthAws.h>
#import <NSString.h>
#import <CkoJsonObject.h>

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// Important: This example requires Chilkat v9.5.0.66 or greater.

CkoRest *rest = [[CkoRest alloc] init];

// Connect to the Amazon AWS REST server in the desired region.
BOOL bTls = YES;
int port = 443;
BOOL bAutoReconnect = YES;
BOOL success = [rest Connect: @"s3-us-west-2.amazonaws.com" port: [NSNumber numberWithInt: port] tls: bTls autoReconnect: bAutoReconnect];

// Provide AWS credentials.
CkoAuthAws *authAws = [[CkoAuthAws alloc] init];
authAws.AccessKey = @"AWS_ACCESS_KEY";
authAws.SecretKey = @"AWS_SECRET_KEY";
authAws.ServiceName = @"s3";

// This particular bucket is in the Oregon region, as opposed to the US Standard,
// therefore the Region must be set appropriately.
// Also note that we connected to "s3-us-west-2.amazonaws.com".
authAws.Region = @"us-west-2";

success = [rest SetAuthAws: authAws];

// Note: The above REST connection and setup of the AWS credentials
// can be done once.  After connecting, any number of REST calls can be made.
// The "auto reconnect" property passed to rest.Connect indicates that if
// the connection is lost, a REST method call will automatically reconnect
// if needed.
// --------------------------------------------------------------------------

// Set the bucket name via the HOST header.
// In this case, the bucket name is "chilkat.ocean".
// Note that the Host header should use "bucketName.s3.amazonaws.com", not "bucketName.s3-us-west-2.amazonaws.com"
rest.Host = @"chilkat.ocean.s3.amazonaws.com";

// Get the policy.
NSString *responseJsonStr = [rest FullRequestNoBody: @"GET" uriPath: @"/?policy"];
if (rest.LastMethodSuccess != YES) {
    NSLog(@"%@",rest.LastErrorText);
    return;
}

// When successful, the S3 Storage service will respond with a 200 response code,
// with an XML body.  
if ([rest.ResponseStatusCode intValue] != 200) {
    // Examine the request/response to see what happened.
    NSLog(@"%@%d",@"response status code = ",[rest.ResponseStatusCode intValue]);
    NSLog(@"%@%@",@"response status text = ",rest.ResponseStatusText);
    NSLog(@"%@%@",@"response header: ",rest.ResponseHeader);
    NSLog(@"%@%@",@"response body: ",responseJsonStr);
    NSLog(@"%@",@"---");
    NSLog(@"%@%@",@"LastRequestStartLine: ",rest.LastRequestStartLine);
    NSLog(@"%@%@",@"LastRequestHeader: ",rest.LastRequestHeader);
}

NSLog(@"%@%@",@"response body: ",responseJsonStr);

// Load the JSON and display in a more human-readable manner:
CkoJsonObject *json = [[CkoJsonObject alloc] init];
[json Load: responseJsonStr];
json.EmitCompact = NO;
NSLog(@"%@",[json Emit]);

// Sample output:

// 	{ 
// 	  "Version": "2012-10-17",
// 	  "Statement": [
// 	    { 
// 	      "Effect": "Allow",
// 	      "Resource": "arn:aws:s3.asp">chilkat.ocean/",
// 	      "Principal": "*"
// 	    }
// 	  ]
// 	}
//