<p>正如许多人已经评论过的,<a href="https://stackoverflow.com/a/2628984/45773">initially accepted answer</a>并不适用于<a href="http://aws.amazon.com/cloudfront/" rel="nofollow noreferrer">Amazon CloudFront</a>事实上,到目前为止<a href="http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html" rel="nofollow noreferrer">Serving Private Content through CloudFront</a>需要使用专用的<a href="http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-signed-urls-overview.html" rel="nofollow noreferrer">CloudFront Signed URLs</a>-因此<a href="https://stackoverflow.com/a/6624431/45773">secretmike's answer</a>是正确的,但是在他自己花时间和<a href="https://github.com/boto/boto/pull/357" rel="nofollow noreferrer">Added support for generating signed URLs for CloudFront</a>(非常感谢这一点)之后,它就过时了。</p>
<p><a href="http://boto.readthedocs.org/en/latest/" rel="nofollow noreferrer">boto</a>现在支持一个专用的<a href="http://boto.readthedocs.org/en/latest/ref/cloudfront.html#boto.cloudfront.distribution.Distribution.create_signed_url" rel="nofollow noreferrer">create_signed_url</a>方法,而以前的二进制依赖M2Crypto最近也被<a href="http://stuvel.eu/rsa" rel="nofollow noreferrer">pure-Python RSA implementation</a>替换,请参见<a href="https://github.com/boto/boto/pull/1214" rel="nofollow noreferrer">Don't use M2Crypto for cloudfront URL signing</a>。</p>
<p>越来越常见的是,可以在相关的单元测试中找到一个或多个好的用法示例(请参见<a href="https://github.com/boto/boto/blob/develop/tests/unit/cloudfront/test_signed_urls.py" rel="nofollow noreferrer">test_signed_urls.py</a>),例如<a href="https://github.com/boto/boto/blob/417de058ed3636a8088168c28d2672972ace284f/tests/unit/cloudfront/test_signed_urls.py#L343" rel="nofollow noreferrer">test_canned_policy(self)</a>-请参见<a href="https://github.com/boto/boto/blob/417de058ed3636a8088168c28d2672972ace284f/tests/unit/cloudfront/test_signed_urls.py#L16" rel="nofollow noreferrer">setUp(self)</a>以获取引用的变量<code>self.pk_id</code>和<code>self.pk_str</code>(显然您需要自己的键):</p>
<pre><code>def test_canned_policy(self):
"""
Generate signed url from the Example Canned Policy in Amazon's
documentation.
"""
url = "http://d604721fxaaqy9.cloudfront.net/horizon.jpg?large=yes&license=yes"
expire_time = 1258237200
expected_url = "http://example.com/" # replaced for brevity
signed_url = self.dist.create_signed_url(
url, self.pk_id, expire_time, private_key_string=self.pk_str)
# self.assertEqual(expected_url, signed_url)
</code></pre>