Swift
Swift
Amazon Glacier Set Vault Access Policy
See more Amazon Glacier Examples
Demonstrates how to set an access policy for a vault (will overwrite the existing policy).Chilkat Swift Downloads
func chilkatTest() {
var success: Bool = false
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
let rest = CkoRest()!
// Connect to the Amazon AWS REST server in the desired region.
var bTls: Bool = true
var port: Int = 443
var bAutoReconnect: Bool = true
success = rest.connect(hostname: "glacier.us-west-2.amazonaws.com", port: port, tls: bTls, autoReconnect: bAutoReconnect)
// Provide AWS credentials.
let authAws = CkoAuthAws()!
authAws.accessKey = "AWS_ACCESS_KEY"
authAws.secretKey = "AWS_SECRET_KEY"
authAws.serviceName = "glacier"
authAws.region = "us-west-2"
success = rest.setAuthAws(authProvider: authAws)
// --------------------------------------------------------------------------
// Note: The above REST connection and setup of the AWS credentials
// can be done once. After connecting, any number of REST calls can be made.
// The "auto reconnect" property passed to rest.Connect indicates that if
// the connection is lost, a REST method call will automatically reconnect
// if needed.
// --------------------------------------------------------------------------
// For more information, see Glacier Set Vault Access Policy Reference Documentation
//
rest.addHeader(name: "x-amz-glacier-version", value: "2012-06-01")
// Create the following JSON
// Use this online tool to generate the code from sample JSON:
// Generate Code to Create JSON
// {
// "Version": "2012-10-17",
// "Statement": [
// {
// "Sid": "Define-owner-access-rights",
// "Effect": "Allow",
// "Principal": {
// "AWS": "arn:aws:iam::AWS_ACCOUNT_ID:root"
// },
// "Action": "glacier:DeleteArchive",
// "Resource": "arn:aws:glacier:us-west-2:AWS_ACCOUNT_ID:vaults/chilkat"
// }
// ]
// }
let jsonPolicy = CkoJsonObject()!
jsonPolicy.updateString(jsonPath: "Version", value: "2012-10-17")
jsonPolicy.updateString(jsonPath: "Statement[0].Sid", value: "Define-owner-access-rights")
jsonPolicy.updateString(jsonPath: "Statement[0].Effect", value: "Allow")
jsonPolicy.updateString(jsonPath: "Statement[0].Principal.AWS", value: "arn:aws:iam::AWS_ACCOUNT_ID:root")
jsonPolicy.updateString(jsonPath: "Statement[0].Action", value: "glacier:DeleteArchive")
// Notice here the name of the vault: "chilkat". Change it to your vault name. Also use your actual AWS account ID.
jsonPolicy.updateString(jsonPath: "Statement[0].Resource", value: "arn:aws:glacier:us-west-2:AWS_ACCOUNT_ID:vaults/chilkat")
// Wrap the above JSON in this JSON:
// {
// "Policy": "{ ... the above JSON ... }"
// }
let json = CkoJsonObject()!
json.updateString(jsonPath: "Policy", value: jsonPolicy.emit())
let sbRequestBody = CkoStringBuilder()!
json.emitSb(sb: sbRequestBody)
let sbResponseBody = CkoStringBuilder()!
success = rest.fullRequestSb(httpVerb: "PUT", uriPath: "/AWS_ACCOUNT_ID/vaults/chilkat/access-policy", requestBody: sbRequestBody, responseBody: sbResponseBody)
if success != true {
print("\(rest.lastErrorText!)")
return
}
var respStatusCode: Int = rest.responseStatusCode.intValue
if respStatusCode >= 400 {
print("Response Status Code = \(respStatusCode)")
print("Response Header:")
print("\(rest.responseHeader!)")
print("Response Body:")
print("\(sbResponseBody.getAsString()!)")
return
}
// Success is indicated by a 204 response status with an empty response body.
print("response status code = \(respStatusCode)")
}