Free eBooks Download

# Paperback: 600 pages
# Publisher: O’Reilly Media, Inc. (March 25, 2008)
# Language: English
# ISBN-10: 0596515812
# ISBN-13: 978-0596515812
# Product Dimensions: 9.1 x 7 x 0.9 inches
# Shipping Weight: 1.9 pounds

Amazon.com Review
Product Description
Building on the success of its front and consummation services, Amazon today allows businesses to “rent” profession power, accumulation hardware and bandwidth on its vast meshwork platform. This aggregation demonstrates how developers employed with small- to mid-sized companies crapper verify plus of Amazon Web Services (AWS) such as the Simple Storage Service (S3), Elastic Compute Cloud (EC2), Simple Queue Service (SQS), Flexible Payments Service (FPS), and SimpleDB to physique web-scale playing applications. With AWS, Amazon offers a newborn family for IT infrastructure: ingest what you need, as you requirement it, and clear as you go. Programming Web Services explains how you crapper admittance Amazon’s unstoppered APIs to accumulation and separate applications, kinda than pay wanted instance and resources antiquity your own. With this book, you’ll wager every the theoretical info you requirement to: Store and regain whatever turn of accumulation using covering servers, oceanic accumulation storage, and bandwidth with the Amazon S3 assist Buy profession instance using Amazon EC2’s programme to appropriation machines, alluviation them with an covering environment, curb admittance permissions, and separate your ikon using as whatever or whatever systems as necessary Use Amazon’s web-scale messaging stock to accumulation messages as they shitting between computers with Amazon SQS Leverage the Amazon FPS assist to scheme commercialism manual and earmark the shitting of money between whatever digit entities, humans or computers Create and accumulation binary accumulation sets, ask your accumulation easily, and convey the results using Amazon SimpleDB. Scale up or downbound at a moment’s notice, using these services to state as such instance and expanse as you requirement Whether you’re play a newborn online business, requirement to act upexisting services, or order an offsite patronage for your home, Programming Web Services gives you the scenery and the applicatory noesis you requirement to move using AWS. Other books vindicate how to physique scheme services. This aggregation teaches businesses how to verify attain ingest of existing services from an ingrained profession leader.

Create HTML POST Forms That Allow Your Web Site Visitors to Upload Files Into Your S3 Account Using a Standard Web Browser
By saint Murty, creator of the JetS3t Java S3 accumulation and communicator of Programming Amazon Web Services

Amazon’s Simple Storage Service (S3) provides affordable and oceanic online accumulation hardware for anyone with a assign bill and an Amazon Web Service (AWS) account. If you hit an AWS account, you crapper interact with the S3 assist using primary tools to upload and curb your files. It is rattling favourable to hit admittance to this online hardware inventiveness for yourself, but there haw be situations where you would same to earmark others to upload files into your account.

For this purpose, S3 accepts uploads via specially-crafted and pre-authorized HTML POST forms. You crapper earmark these forms in whatever scheme tender to earmark your scheme place visitors to beam you files using null more than a acknowledged scheme browser.

In this article, I module shew how to physique ultimate S3 POST forms. I module adopt that you hit already subscribed up for the S3 service, and that you hit an S3 computer aggregation for creating buckets and watch files in your account. Before you proceed, create your possess containerful to accumulation uploaded files — in the examples beneath I module ingest a containerful titled s3-bucket.
POST Form Web Page

Here is a scheme tender with an S3 POST Form that you crapper ingest as a model for your possess forms:

This model demonstrates whatever essential features of an S3 POST form, and the scheme tender that contains it:

* The scheme tender that contains the add has a meta attach in the nous country that tells scheme browsers to ingest the UTF-8 unicode housing encoding.
* The form’s state constant specifies an S3 come that includes the study of your instruction bucket, in this housing the containerful titled s3-bucket.
* The add contains a sort of signaling fields with constant obloquy and values that module be dispatched to the S3 service. If whatever required signaling fields are missing, or if a earth has an inaccurate value, the assist module not accept uploads from the form.

The S3 assist uses aggregation from the form’s signaling fields to clear uploads, and to ordered the properties of uploaded enter objects. Here is a statement of the most ordinary signaling fields:
Field Name Description
key A study for the S3 goal that module accumulation the uploaded file’s data. This study crapper be ordered in front when you undergo what aggregation the individual module upload, for example: uploads/monthly_report.txt.

If you do not undergo the study of the enter a individual module upload, the key continuance crapper earmark the primary uncertain ${filename} which module be replaced with the study of the uploaded file. For example, the key continuance uploads/${filename} module embellish the goal study uploads/Birthday Cake.jpg if the individual uploads a enter titled Birthday Cake.jpg.
AWSAccessKeyId The Access attorney Identifier credential for your Amazon Web Service account.
acl The admittance curb contract to administer to the uploaded file. If you do not poverty the uploaded enter to be prefabricated acquirable to the generalized public, you should ingest the continuance private. To attain the uploaded enter publically available, ingest the continuance public-read.
success_action_redirect The come address to which the user’s scheme covering module be redirected after the enter is uploaded. This come should saucer to a “Successful Upload” tender on your scheme site, so you crapper inform your users that their files hit been accepted. S3 module add bucket, key and etag parameters to this come continuance to inform your scheme covering of the positioning and hash continuance of the uploaded file.
policy A Base64-encoded contract writing that applies rules to enter uploads dispatched by the S3 POST form. This writing is utilised to clear the form, and to bill conditions on the files that crapper be uploaded. Policy documents module be described in more discourse below.
signature A mode continuance that authorizes the add and proves that exclusive you could hit created it. This continuance is premeditated by language the Base64-encoded contract writing with your AWS Secret Key, a impact that I module shew below.
Content-Type The noesis identify (mime type) that module be practical to the uploaded file, for warning image/jpeg for JPEG represent files. If you do not undergo what identify of enter a individual module upload, you crapper either stimulate the individual to wage the pertinent noesis type, or indite covering scripting cipher that module automatically ordered this continuance supported on the file’s name.

If you do not ordered the noesis identify with this field, S3 module ingest the choice continuance application/octet-stream which haw preclude whatever scheme browsers from existence healthy to pass the enter properly.
file The signaling earth that allows a individual to superior a enter to upload. This earth staleness be the terminal digit in the form, as whatever fields beneath it are unnoticed by S3.

This overview of the form’s signaling fields should hold you to add the model POST add to meet your possess purposes. At a minimum, you module requirement to add the form’s state constant to saucer to your possess S3 bucket, and ordered the continuance of the AWSAccessKeyId earth to your AWS Access attorney credential.

To rank the add and attain it unexceptionable to the S3 service, you module also requirement to create a contract writing and mode value.
Policy Document

S3 POST forms earmark a contract writing that authorizes the add and imposes limits on the files that crapper be uploaded. When S3 receives a enter via a POST form, it module analyse the contract writing and mode to hold that the add was created by someone who is allowed to accumulation files in the direct S3 account.

A contract writing is a assemblage of properties spoken in JavaScript Object Notation, which exclusive effectuation that the document’s scheme and noesis staleness change to a destined format. Every contract writing contains digit top-level items:

* ending - A borough Mean Time (GMT) timestamp that specifies when the contract writing module expire. Once a contract writing has expired, the upload add module no individual work.
* conditions - A ordered of rules to delimitate the values that haw be included in the form’s signaling fields, and to bill filler limits for enter uploads.

Here is a contract writing same to the POST add model above. This contract has an ending fellow of Jan 1st 2009:

{”expiration”: “2009-01-01T00:00:00Z”, “conditions”: [ {”bucket”: “s3-bucket”}, [”starts-with”, “$key”, “uploads/”], {”acl”: “private”}, {”success_action_redirect”: “http://localhost/”}, [”starts-with”, “$Content-Type”, “”], [”content-length-range”, 0, 1048576] ] }

To create a legal S3 POST form, you staleness earmark a contract writing whose conditions country contains a conception for nearly every signaling earth in the form. At a minimum, this writing staleness earmark rules for the containerful and key values of the uploaded enter object. In constituent to these digit rules, you module requirement to earmark a conception for every another signaling earth in the add eliminate for AWSAccessKeyId, signature, contract and file.

Because our model POST add includes the signaling fields acl, success_action_redirect, and Content-Type, our contract writing includes rules same to these fields. Our contract writing also includes an player content-length-range conception that limits the filler of files that crapper be uploaded.

There are threesome kinds of rules you crapper administer in your contract document:

1. Equality rule, which checks that an signaling field’s continuance is ordered to a presented string. An status conception is spoken as a study and continuance unify within stock characters, for example: {”acl”: “private”}
2. Starts-With rule, which checks that an signaling field’s continuance begins with a presented string. If the presented progress is empty, S3 module analyse exclusive that the earth is inform in the add and module not tending what continuance it contains. A starts-with conception is spoken as a three-element clothing that contains the constituent starts-with, followed by the study of the signaling earth preceded by a $ symbol, then the prefix progress continuance for comparison.
In the contract writing above, we ingest starts-with rules for the key and Content-Type fields because we do not undergo in front the study of the enter a individual module upload, or what identify of enter it module be. The conception for the Content-Type earth uses an blank progress for comparison, which effectuation it module accept whatever noesis identify value. The conception for the object’s key study uses the prefix progress “upload/”, which effectuation that the key continuance staleness ever move with the upload/ subdirectory path.
3. Content filler rule, which checks that the filler of an uploaded enter is between a presented peak and peak value. If this conception is not included in a contract document, users module be healthy to upload files of whatever filler up to the 5GB bounds imposed by S3.
A noesis filler conception is spoken as a three-element clothing that contains the constituent content-length-range, followed by number values to ordered the peak and peak enter size. The contract writing above includes a noesis filler conception that module preclude the add from uploading files super than 1MB in filler (1,048,576 bytes).

It is essential to attain trusty that your contract writing corresponds just to your S3 POST form. If there are whatever discrepancies between the signaling earth values in your add and the conception values in your contract document, or if your add contains signaling fields that do not hit same rules in your policy, the S3 assist module react the add and convey an obscure XML nonachievement communication to your users.
Sign Your S3 POST Form

To rank your S3 POST form, you staleness clew it to establish to S3 that you actually created the form. If you do not clew the add properly, or if someone added tries to add your add after it has been signed, the assist module be unable to clear it and module react the upload.

To clew your add you requirement to action digit steps:

1. Base64-encode the contract document, and earmark it in the form’s contract signaling field.
2. Calculate a mode continuance (SHA-1 HMAC) from the encoded contract writing using your AWS Secret attorney credential as a password. Include this continuance in the form’s mode signaling earth after Base64-encoding it.

Almost every planning languages earmark libraries for performing these digit steps. Here are whatever warning cipher fragments to do the employ with assorted languages, forward you hit already circumscribed the variables policy_document and aws_secret_key.
Ruby

require ‘base64′ order ‘openssl’ order ‘digest/sha1′ contract = Base64.encode64(policy_document).gsub(”\n”,”") mode = Base64.encode64( OpenSSL::HMAC.digest( OpenSSL::Digest::Digest.new(’sha1′), aws_secret_key, policy) ).gsub(”\n”,”")

Java

import sun.misc.BASE64Encoder; goods javax.crypto.Mac; goods javax.crypto.spec.SecretKeySpec; String contract = (new BASE64Encoder()).encode( policy_document.getBytes(”UTF-8″)).replaceAll(”\n”,”"); Mac hmac = Mac.getInstance(”HmacSHA1″); hmac.init(new SecretKeySpec( aws_secret_key.getBytes(”UTF-8″), “HmacSHA1″)); String mode = (new BASE64Encoder()).encode( hmac.doFinal(policy.getBytes(”UTF-8″))) .replaceAll(”\n”, “”);

Python

import base64 goods hmac, sha contract = base64.b64encode(policy_document) mode = base64.b64encode( hmac.new(aws_secret_key, policy, sha).digest())

Once you hit premeditated the values for the contract and mode signaling fields and included these values in your form, the add should be complete. Save the scheme tender and add writing as an .html file, unstoppered it in your selection scheme browser, and effort it by uploading whatever files to your S3 bucket.
Conclusion

The add scheme tender and contract writing templates in this article should wage you a play saucer for creating your possess upload forms. With whatever secondary modifications to the model documents and a lowercase coding, you module be healthy to create commissioned forms that attain it cushy for your scheme place visitors to upload files to your S3 account.

The S3 service’s POST hold is a coercive feature with whatever possibleness uses. You could create a azygos upload add to earmark your friends and colleagues to beam you files that are likewise super for email, or you could add your scheme applications to create forms on-demand so your users crapper accumulation their accumulation in S3 kinda than on your possess server. Just advert that you module be susceptible for whatever S3 accumulation designate and hardware fees incurred by the grouping who ingest your forms.

About the Author
James Murty is a code developer with comprehensive undergo creating web-based applications and architectures using Java. With a employed scenery spanning a investigate institute, a diminutive code concern and different corporations he has a panoptic appearance on both the prospect and the difficulties inexplicit in networked applications.

Most fresh saint has been agog to wager the uprise of scheme applications and services that wage compelling newborn tools and newborn structure of forthcoming older problems. While experimenting in this Atlantic he created JetS3t, an unstoppered maker accumulation and covering flat that is the directive Java feat acquirable for Amazon’s S3 accumulation hardware service.

Programming Amazon Web Services: S3, EC2, SQS, FPS, and SimpleDB (Programming)