AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install,...

229
AWS SDK for Ruby Developer Guide AWS SDK for Ruby: Developer Guide

Transcript of AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install,...

Page 1: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for RubyDeveloper Guide

AWS SDK for Ruby: Developer Guide

Page 2: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer Guide

Table of ContentsAWS SDK for Ruby Developer Guide .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

Using the AWS SDK for Ruby with AWS Cloud9 .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1About This Guide .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1Additional Documentation and Resources .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

Deploying to the AWS Cloud .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2Maintenance and support for SDK major versions .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

Getting Started .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3Quick Start Guide .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Write the Code .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3Run the Code .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3Note for Windows Users ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Installing the SDK .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4Prerequisites ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4Installing the SDK .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Hello World Tutorial ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4Using the AWS SDK for Ruby in Your Program ..... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5Creating an Amazon S3 Resource .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5Creating a Bucket .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5Adding a File to the Bucket .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5Listing the Contents of a Bucket .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5Complete Program ..... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5Running the Program ..... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7Next Steps .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

Configuring the SDK .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8Get your AWS access keys .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

To get your access key ID and secret access key .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8Setting AWS Credentials ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

Setting Shared Credentials ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9Setting Credentials Using Environment Variables .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9Setting Credentials Using Aws.config .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10Changing your Credentials Location .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10Setting Credentials in a Client Object ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10Setting Credentials Using IAM ..... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

Creating an AWS STS Access Token .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10Setting a Region .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Setting the Region Using Environment Variables .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11Setting the Region Using Aws.config .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11Setting the Region in a Client or Resource Object ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Setting a Nonstandard Endpoint ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11SDK Metrics ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Authorize SDK Metrics ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12Set Up SDK Metrics ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14SDK Metric Definitions .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Using Cloud9 with the SDK .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18Step 1: Set up Your AWS Account to Use AWS Cloud9 .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18Step 2: Set up Your AWS Cloud9 Development Environment .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18Step 3: Set up the AWS SDK for Ruby .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18Step 4: Download Example Code .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19Step 5: Run Example Code .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Using the SDK .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20Using the AWS SDK for Ruby REPL Tool ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20Using the SDK with Ruby on Rails ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20Migrating from Version 1 or 2 to Version 3 of the AWS SDK for Ruby .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

Side-by-Side Usage .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

ii

Page 3: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer Guide

General Differences .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21Client Differences .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21Resource Differences .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

Debugging Tip: Getting Wire Trace Information from a Client .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23Stubbing Client Responses and Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

Stubbing Client Responses .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24Stubbing Client Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Paging Response Data .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25Paged Responses Are Enumerable .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25Handling Paged Responses Manually ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25Paged Data Classes .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

Using Waiters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26Invoking a Waiter ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26Wait Failures .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26Configuring a Waiter ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27Extending a Waiter ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

Specifying a Client Timeout Duration .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28Code Examples .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

AWS CloudTrail Examples .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29Listing the CloudTrail Trails ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29Creating a CloudTrail Trail .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30Listing CloudTrail Trail Events .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32Deleting a CloudTrail Trail .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

Amazon CloudWatch Examples .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34Getting Information about Amazon CloudWatch Alarms .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34Creating an Amazon CloudWatch Alarm ..... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35Enabling and Disabling Amazon CloudWatch Alarm Actions .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38Getting Information about Custom Metrics for Amazon CloudWatch .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40Sending Events to Amazon CloudWatch Events .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

AWS CodeBuild Examples .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56Getting Information about All AWS CodeBuild Projects ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56Building an AWS CodeBuild Project ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57Listing AWS CodeBuild Project Builds .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

Amazon DynamoDB Examples .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58Getting Information about All Amazon DynamoDB Tables .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58Creating an Amazon DynamoDB Table .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60Adding an Item to an Amazon DynamoDB Table .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61Loading Items from a JSON File into an Amazon DynamoDB Table .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63Reading an Item in an Amazon DynamoDB Table .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65Updating an Amazon DynamoDB Table Item ..... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66Deleting an Amazon DynamoDB Table Item ..... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67Deleting an Amazon DynamoDB Table .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68

Amazon EC2 Examples .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69Creating an Amazon EC2 VPC .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69Creating an Internet Gateway and Attaching It to a VPC in Amazon EC2 .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71Creating a Public Subnet for Amazon EC2 .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72Creating an Amazon EC2 Route Table and Associating It with a Subnet .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74Using Elastic IP Addresses in Amazon EC2 .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76Creating an Amazon EC2 Security Group .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80Working with Amazon EC2 Security Groups .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82Working with Key Pairs in Amazon EC2 .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87Getting Information about All Amazon EC2 Instances .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90Getting Information about All Amazon EC2 Instances with a Specific Tag Value .... . . . . . . . . . . . . . . . . . . . . 91Getting Information about a Specific Amazon EC2 Instance .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92Creating an Amazon EC2 Instance .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93Stopping an Amazon EC2 Instance .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95Starting an Amazon EC2 Instance .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97

iii

Page 4: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer Guide

Rebooting an Amazon EC2 Instance .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98Managing Amazon EC2 Instances .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99Terminating an Amazon EC2 Instance .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102Getting Information about Regions and Availability Zones for Amazon EC2 .... . . . . . . . . . . . . . . . . . . . . . . . 104

AWS Elastic Beanstalk Examples .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106Getting Information about All Applications in AWS Elastic Beanstalk .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106Getting Information about a Specific Application in AWS Elastic Beanstalk .... . . . . . . . . . . . . . . . . . . . . . . . . 106Updating a Ruby on Rails Application for AWS Elastic Beanstalk .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107

AWS Identity and Access Management (IAM) Examples .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108Getting Information about IAM Users ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109Listing IAM Users who are Administrators ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110Adding a New IAM User .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113Create User Access Keys for an IAM User .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114Adding a Managed Policy to an IAM User .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115Creating an IAM Role .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116Managing IAM Users ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117Working with IAM Policies ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120Managing IAM Access Keys .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123Working with IAM Server Certificates .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127Managing IAM Account Aliases .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130

AWS KMS Examples .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132Creating a CMK in AWS KMS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132Encrypting Data in AWS KMS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133Decrypting a Data Blob in AWS KMS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134Re-encrypting a Data Blob in AWS KMS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134

AWS Lambda Examples .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135Displaying Information about All Lambda Functions .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135Creating a Lambda Function .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136Running a Lambda Function .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137Configuring a Lambda Function to Receive Notifications .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138

Amazon Polly Examples .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139Getting a List of Voices .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139Getting a List of Lexicons .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140Synthesizing Speech .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141

Amazon RDS Examples .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142Getting Information about All Amazon RDS Instances .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142Getting Information about All Amazon RDS Snapshots .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143Getting Information about All Amazon RDS Clusters and Their Snapshots .... . . . . . . . . . . . . . . . . . . . . . . . . . 143Getting Information about All Amazon RDS Security Groups .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144Getting Information about All Amazon RDS Subnet Groups .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145Getting Information about All Amazon RDS Parameter Groups .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145Creating a Snapshot of an Amazon RDS Instance .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146Creating a Snapshot of an Amazon RDS Cluster ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146

Amazon S3 Examples .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147Getting Information about All Amazon S3 Buckets ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147Getting Information about All Amazon S3 Buckets in a Region .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148Creating and Using an Amazon S3 Bucket .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149Determining Whether an Amazon S3 Bucket Exists ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153Getting Information about Amazon S3 Bucket Objects ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155Uploading an Object to an Amazon S3 Bucket .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156Uploading an Object with Metadata to an Amazon S3 Bucket .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157Downloading an Object from an Amazon S3 Bucket into a File ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158Changing the Properties for an Amazon S3 Bucket Object ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159Encrypting Amazon S3 Bucket Items .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160Triggering a Notification When an Item is Added to an Amazon S3 Bucket .... . . . . . . . . . . . . . . . . . . . . . . . . . 173Creating a LifeCycle Rule Configuration Template for an Amazon S3 Bucket .... . . . . . . . . . . . . . . . . . . . . . . 175Creating an Amazon S3 Bucket Policy with Ruby .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177

iv

Page 5: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer Guide

Configuring an Amazon S3 Bucket for CORS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181Managing Amazon S3 Bucket and Object Access Permissions .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183Using a Amazon S3 Bucket to Host a Website .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186

Amazon SES Examples .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188Listing Valid Amazon SES Email Addresses .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188Verifying an Email Address in Amazon SES .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189Sending a Message to an Email Address in Amazon SES .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189Getting Amazon SES Statistics ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191

Amazon SNS Examples .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192Getting Information about All Amazon SNS Topics ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192Creating an Amazon SNS Topic ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192Getting Information about All Subscriptions in an Amazon SNS Topic ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193Creating a Subscription in an Amazon SNS Topic ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193Sending a Message to All Amazon SNS Topic Subscribers ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194Enabling a Resource to Publish to an Amazon SNS Topic ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194

Amazon SQS Examples .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195Getting Information about All Queues in Amazon SQS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196Creating a Queue in Amazon SQS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196Working with Queues in Amazon SQS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197Sending Messages in Amazon SQS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198Sending and Receiving Messages in Amazon SQS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199Receiving Messages in Amazon SQS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201Receiving Messages Using Long Polling in Amazon SQS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201Enabling Long Polling in Amazon SQS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202Receiving Messages Using the QueuePoller Class in Amazon SQS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204Redirecting Dead Letters in Amazon SQS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206Deleting a Queue in Amazon SQS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206Enabling a Resource to Publish to a Queue in Amazon SQS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207Working with a Dead Letter Queue in Amazon SQS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208Specifying the Message Visibility Timeout in Amazon SQS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210

Amazon WorkDocs Examples .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211Listing Users ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212Listing User Docs .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212

Tips and Tricks .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215Amazon EC2 Tips and Tricks .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215

Switching Elastic IPs ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215Security ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216

Data Protection .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216Identity and Access Management .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217Compliance Validation .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217Resilience .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218Infrastructure Security ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218Using TLS 1.2 .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218

Checking the OpenSSL version .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219Upgrading TLS support ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219

S3 Encryption Client Migration .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219Migration Overview .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219Update Existing Clients to Read New Formats .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220Migrate Encryption and Decryption Clients to V2 .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221

Document History .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224

v

Page 6: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideUsing the AWS SDK for Ruby with AWS Cloud9

AWS SDK for Ruby Developer GuideWelcome to the AWS SDK for Ruby.

The AWS SDK for Ruby helps take the complexity out of coding by providing Ruby classes for almost allAWS services, including Amazon Simple Storage Service, Amazon Elastic Compute Cloud, and AmazonDynamoDB. For a complete list of services supported by the AWS SDK for Ruby, see the SupportedServices section of the AWS SDK for Ruby Readme file. This section also lists the gems that the AWS SDKfor Ruby supports as version 3 modularized the monolithic SDK gem into service-specific gems.

Using the AWS SDK for Ruby with AWS Cloud9AWS Cloud9 is a web-based integrated development environment (IDE) that contains a collection oftools that you use to code, build, run, test, debug, and release software in the cloud.

See Using AWS Cloud9 with the AWS SDK for Ruby (p. 18) for information on using AWS Cloud9 withthe AWS SDK for Ruby.

About This GuideThe AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use theAWS SDK for Ruby to create Ruby applications that use AWS services.

This guide contains the following sections:

Getting Started with the AWS SDK for Ruby (p. 3)

Describes how to install, configure, and use the AWS SDK for Ruby.Configuring the AWS SDK for Ruby (p. 8)

Steps you through how to configure the AWS SDK for Ruby.Using the AWS SDK for Ruby (p. 20)

Provides general information about developing applications with the AWS SDK for Ruby.AWS SDK for Ruby Code Examples (p. 29)

Provides code examples for programming AWS services with the AWS SDK for Ruby. You can browsethe AWS SDK for Ruby examples in the AWS Code Sample Catalog.

AWS SDK for Ruby Tips and Tricks (p. 215)

Provides helpful information for using the AWS SDK for Ruby with AWS services.Document History (p. 224)

Describes the history of this document.

Additional Documentation and ResourcesFor more resources for AWS SDK for Ruby developers, see the following:

1

https://github.com/aws/aws-sdk-ruby/blob/master/README.md#supported-services
https://github.com/aws/aws-sdk-ruby/blob/master/README.md#supported-services
https://docs.amazonaws.cn/code-samples/latest/catalog/code-catalog-ruby.html
Page 7: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideDeploying to the AWS Cloud

• AWS SDK for Ruby API Reference - Version 3• Developer blog• Developer forums (you must have an AWS account to access the forums)• Gitter channel• @awsforruby on Twitter• On GitHub:

• Releases (includes source, gems, and documentation)• Source• Change logs under each gem• Moving from v1 to v2• Moving from v2 to v3• Issues• Core upgrade notes

Deploying to the AWS CloudYou can use AWS services such as AWS Elastic Beanstalk, AWS OpsWorks, and CodeDeploy to deployyour application to the AWS Cloud. For deploying Ruby applications with Elastic Beanstalk, seeDeploying Elastic Beanstalk Applications in Ruby Using EB CLI and Git in the AWS Elastic BeanstalkDeveloper Guide. For deploying a Ruby on Rails application with AWS OpsWorks, see Deploying Rubyon Rails Applications to AWS OpsWorks. For an overview of AWS deployment services, see Overview ofDeployment Options on AWS.

Maintenance and support for SDK major versionsFor information about maintenance and support for SDK major versions and their underlyingdependencies, see the following in the AWS SDKs and Tools Shared Configuration and CredentialsReference Guide:

• AWS SDKs and Tools Maintenance Policy• AWS SDKs and Tools Version Support Matrix

2

https://docs.amazonaws.cn/sdk-for-ruby/v3/api/AWS SDK for Ruby API Reference - Version 3.html
http://ruby.awsblog.com/
https://forums.aws.csdn.net/forum.jspa?forumID=125
https://gitter.im/aws/aws-sdk-ruby
https://twitter.com/awsforruby
https://github.com/aws/aws-sdk-ruby/releases
https://github.com/aws/aws-sdk-ruby/
https://github.com/aws/aws-sdk-ruby/blob/master/gems
https://github.com/aws/aws-sdk-ruby/blob/master/MIGRATING.md
https://github.com/aws/aws-sdk-ruby/blob/master/V3_UPGRADING_GUIDE.md
https://github.com/aws/aws-sdk-ruby/issues
https://github.com/aws/aws-sdk-ruby/blob/master/UPGRADING.md
https://docs.amazonaws.cn/elasticbeanstalk/latest/dg/create_deploy_Ruby.html
http://ruby.awsblog.com/post/Tx7FQMT084INCR/Deploying-Ruby-on-Rails-Applications-to-AWS-OpsWorks
http://ruby.awsblog.com/post/Tx7FQMT084INCR/Deploying-Ruby-on-Rails-Applications-to-AWS-OpsWorks
https://d0.awsstatic.com/whitepapers/overview-of-deployment-options-on-aws.pdf
https://d0.awsstatic.com/whitepapers/overview-of-deployment-options-on-aws.pdf
https://docs.amazonaws.cn/credref/latest/refdocs/overview.html
https://docs.amazonaws.cn/credref/latest/refdocs/overview.html
https://docs.amazonaws.cn/credref/latest/refdocs/maint-policy.html
https://docs.amazonaws.cn/credref/latest/refdocs/version-support-matrix.html
Page 8: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideQuick Start Guide

Getting Started with the AWS SDKfor Ruby

If you’re new to the AWS SDK for Ruby, you should start here. This section contains information aboutinstalling, setting up, and using the SDK to create a Ruby application to access Amazon S3.

Topics• QuickStart Guide to Using the AWS SDK for Ruby (p. 3)• Installing the AWS SDK for Ruby (p. 4)• Hello World Tutorial for the AWS SDK for Ruby (p. 4)

QuickStart Guide to Using the AWS SDK for RubyThis section shows you how to use the AWS SDK for Ruby to create a simple Ruby application that listsyour Amazon S3 buckets.

• If you haven’t installed the SDK, see Installing the AWS SDK for Ruby (p. 4).• If you haven’t configured the SDK, see Configuring the AWS SDK for Ruby (p. 8).

Write the CodeThe following example lists the names of up to 50 of your buckets. Copy the code and save it asbuckets.rb. Note that although the Resource object is created in the us-west-2 region, Amazon S3returns buckets to which you have access, regardless of the region.

require 'aws-sdk-s3' # v2: require 'aws-sdk'

s3 = Aws::S3::Resource.new(region: 'us-west-2')

s3.buckets.limit(50).each do |b| puts "#{b.name}"end

Run the CodeEnter the following command to execute buckets.rb.

ruby buckets.rb

Note for Windows UsersWhen you use SSL certificates on Windows and run your Ruby code, you will see an error similar to thefollowing.

C:\Ruby>ruby buckets.rbC:/Ruby200-x64/lib/ruby/2.0.0/net/http.rb:921:in `connect': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (Seahorse::Client::NetworkingError)

3

Page 9: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideInstalling the SDK

from C:/Ruby200-x64/lib/ruby/2.0.0/net/http.rb:921:in `block in connect'

from C:/Ruby200-x64/lib/ruby/2.0.0/timeout.rb:66:in `timeout' from C:/Ruby200-x64/lib/ruby/2.0.0/net/http.rb:921:in `connect' from C:/Ruby200-x64/lib/ruby/2.0.0/net/http.rb:862:in `do_start' from C:/Ruby200-x64/lib/ruby/2.0.0/net/http.rb:857:in `start'...

To fix this issue, add the following line to your Ruby source file, somewhere before your first AWS call.

Aws.use_bundled_cert!

Note that if you are using just the aws-sdk-s3 gem in your Ruby program, you’ll also need to add theaws-sdk-core gem to use the bundled certificate.

Installing the AWS SDK for RubyThis section includes prerequisites and installation instructions for the AWS SDK for Ruby.

PrerequisitesBefore you install the AWS SDK for Ruby, you need an AWS account and Ruby version 1.9 or later.

If you don’t have an AWS account, use the following procedure to create one.

1. Open http://aws.amazon.com/ and choose Create an AWS Account.2. Follow the online instructions.

Installing the SDKIf your project uses Bundler, add the following line to your Gemfile to add the AWS SDK for Ruby toyour project.

gem 'aws-sdk'

If you don’t use Bundler, the easiest way to install the SDK is to use RubyGems. To install the latestversion of the SDK, use the following command.

gem install aws-sdk

If the previous command fails on your Unix-based system, use sudo to install the SDK, as shown in thefollowing command.

sudo gem install aws-sdk

Hello World Tutorial for the AWS SDK for RubyThis tutorial shows you how to use the AWS SDK for Ruby to create a command line program thatperforms some common Amazon S3 operations.

4

http://www.amazonaws.cn/
http://bundler.io/
https://rubygems.org/gems/aws-sdk/
Page 10: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideUsing the AWS SDK for Ruby in Your Program

Using the AWS SDK for Ruby in Your ProgramAdd a require statement to the top of your Ruby source file so you can use the classes and methodsprovided by the AWS SDK for Ruby.

require 'aws-sdk'

Creating an Amazon S3 ResourceCreate an Aws::S3::Resource object in the appropriate region. The following example creates an AmazonS3 resource object in the us-west-2 region. Note that the region is not important because Amazon S3resources are not specific to a region.

s3 = Aws::S3::Resource.new(region: 'us-west-2')

Creating a BucketTo store anything on Amazon S3, you need a bucket to put it in.

Create an Aws::S3::Bucket object. The following example creates the bucket my_bucket with the namemy-bucket.

my_bucket = s3.bucket('my-bucket')my_bucket.create

Adding a File to the BucketUse the #upload_file method to add a file to the bucket. The following example adds the file namedmy_file to the bucket named my-bucket.

name = File.basename 'my_file'obj = s3.bucket('my-bucket').object(name)obj.upload_file('my_file')

Listing the Contents of a BucketTo list the contents of a bucket, use the Aws::S3::Bucket:Objects method. The following example lists upto 50 bucket items for the bucket my-bucket.

my_bucket.objects.limit(50).each do |obj| puts " #{obj.key} => #{obj.etag}"end

Complete ProgramThe following is the entire hello-s3.rb program.

require 'aws-sdk'

NO_SUCH_BUCKET = "The bucket '%s' does not exist!"

5

https://docs.amazonaws.cn/sdk-for-ruby/v3/api/Aws/S3/Resource.html
https://docs.amazonaws.cn/sdk-for-ruby/v3/api/Aws/S3/Bucket.html
https://docs.amazonaws.cn/sdk-for-ruby/v3/api/Aws/S3/Bucket.html#objects-instance_method
Page 11: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideComplete Program

USAGE = <<DOC

Usage: hello-s3 bucket_name [operation] [file_name]

Where: bucket_name (required) is the name of the bucket

operation is the operation to perform on the bucket: create - creates a new bucket upload - uploads a file to the bucket list - (default) lists up to 50 bucket items

file_name is the name of the file to upload, required when operation is 'upload'

DOC

# Set the name of the bucket on which the operations are performed# This argument is requiredbucket_name = nil

if ARGV.length > 0 bucket_name = ARGV[0]else puts USAGE exit 1end

# The operation to perform on the bucketoperation = 'list' # defaultoperation = ARGV[1] if (ARGV.length > 1)

# The file name to use with 'upload'file = nilfile = ARGV[2] if (ARGV.length > 2)

# Get an Amazon S3 resources3 = Aws::S3::Resource.new(region: 'us-west-2')

# Get the bucket by namebucket = s3.bucket(bucket_name)

case operationwhen 'create' # Create a bucket if it doesn't already exist if bucket.exists? puts "The bucket '%s' already exists!" % bucket_name else bucket.create puts "Created new S3 bucket: %s" % bucket_name end

when 'upload' if file == nil puts "You must enter the name of the file to upload to S3!" exit end

if bucket.exists? name = File.basename file

# Check if file is already in the bucket if bucket.object(name).exists? puts "#{name} already exists in the bucket" else obj = s3.bucket(bucket_name).object(name)

6

Page 12: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideRunning the Program

obj.upload_file(file) puts "Uploaded '%s' to S3!" % name end else NO_SUCH_BUCKET % bucket_name end

when 'list' if bucket.exists? # Enumerate the bucket contents and object etags puts "Contents of '%s':" % bucket_name puts ' Name => GUID'

bucket.objects.limit(50).each do |obj| puts " #{obj.key} => #{obj.etag}" end else NO_SUCH_BUCKET % bucket_name end

else puts "Unknown operation: '%s'!" % operation puts USAGEend

Running the ProgramTo list the contents of a bucket, use either of the following commands, where bucket-name is the nameof the bucket to list. You don’t have to include list because it’s the default operation.

ruby hello-s3.rb bucket-name listruby hello-s3.rb bucket-name

To create a bucket, use the following command, where bucket-name is the name of the bucket youwant to create.

ruby hello-s3.rb bucket-name create

If Amazon S3 already has a bucket named bucket-name, the service issues an error message and doesnot create another copy.

After you create your bucket, you can upload an object to the bucket. The following command addsyour_file.txt to the bucket.

ruby hello-s3.rb bucket-name upload your_file.txt

Next StepsNow that you’ve completed your first AWS SDK for Ruby application, here are some suggestions toextend the code you just wrote:

• Use the buckets collection from the Aws::S3::Resource class to get a list of buckets.• Use #get method from the Bucket class to download an object from the bucket.• Use the code in Adding a File to the Bucket (p. 5) to confirm the item exists in the bucket, and then

update that bucket item.

7

https://docs.amazonaws.cn/sdk-for-ruby/v3/api/Aws/S3/Resource.html
https://docs.amazonaws.cn/sdk-for-ruby/v3/api/Aws/S3/Bucket.html
Page 13: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideGet your AWS access keys

Configuring the AWS SDK for RubyLearn how to configure the AWS SDK for Ruby. To use the SDK, you must set either AWS credentials orcreate an AWS STS access token, and set the AWS Region you want to use.

Get your AWS access keysAccess keys consist of an access key ID and secret access key, which are used to sign programmaticrequests that you make to AWS. If you don’t have access keys, you can create them by using the AWSManagement Console. We recommend that you use IAM access keys instead of AWS root account accesskeys. IAM lets you securely control access to AWS services and resources in your AWS account.

NoteTo create access keys, you must have permissions to perform the required IAM actions. For moreinformation, see Granting IAM User Permission to Manage Password Policy and Credentials inthe IAM User Guide.

To get your access key ID and secret access key1. Open the IAM console.2. On the navigation menu, choose Users.3. Choose your IAM user name (not the check box).4. Open the Security credentials tab, and then choose Create access key.5. To see the new access key, choose Show. Your credentials resemble the following:

• Access key ID: AKIAIOSFODNN7EXAMPLE• Secret access key: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

6. To download the key pair, choose Download .csv file. Store the keys

in a secure location.

ImportantKeep the keys confidential to protect your AWS account, and never email them. Do not sharethem outside your organization, even if an inquiry appears to come from AWS or Amazon.com.No one who legitimately represents Amazon will ever ask you for your secret key.

Related topics

• What Is IAM? in IAM User Guide.• AWS Security Credentials in Amazon Web Services General Reference.

Setting AWS CredentialsBefore you can use the AWS SDK for Ruby to make a call to an AWS service, you must set the AWS accesscredentials that the SDK will use to verify your access to AWS services and resources.

The AWS SDK for Ruby searches for credentials in the following order:

8

https://console.amazonaws.cn/console/home
https://console.amazonaws.cn/console/home
https://docs.amazonaws.cn/IAM/latest/UserGuide/id_credentials_delegate-permissions.html
https://console.amazonaws.cn/iam/home
https://docs.amazonaws.cn/IAM/latest/UserGuide/introduction.html
https://docs.amazonaws.cn/general/latest/gr/aws-security-credentials.html
Page 14: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSetting Shared Credentials

1. Setting Credentials Using Environment Variables (p. 9)2. Setting Shared Credentials (p. 9)3. Setting Credentials Using IAM (p. 10)

You can override these settings in your code. The precedence is:

1. Setting Credentials in a Client Object (p. 10)2. Setting Credentials Using Aws.config (p. 10)

The following sections describe the various ways you can set credentials, starting with the most flexibleapproach. For more information about AWS credentials and recommended approaches for credentialmanagement, see AWS Security Credentials in the Amazon Web Services General Reference.

Note that the shared configuration is loaded only a single time, and credentials are provided statically atclient creation time. Shared credentials do not refresh.

Setting Shared CredentialsSet shared credentials in the AWS credentials profile file on your local system.

On Unix-based systems, such as Linux or OS X, this file is located in the following location.

~/.aws/credentials

On Windows, this file is located in the following location.

%HOMEPATH%\.aws\credentials

This file must have the following format, where default is the name of the default configurationprofile given to these credentials, your_access_key_id is the value of your access key, andyour_secret_access_key is the value of your secret access key.

[default]aws_access_key_id = your_access_key_idaws_secret_access_key = your_secret_access_key

Setting Credentials Using Environment VariablesSet the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables.

Use the export command to set these variables on Unix-based systems, such as Linux or OS X. Thefollowing example sets the value of your access key to your_access_key_id and the value of yoursecret access key to your_secret_access_key.

export AWS_ACCESS_KEY_ID=your_access_key_idexport AWS_SECRET_ACCESS_KEY=your_secret_access_key

To set these variables on Windows, use the set command, as shown in the following example.

set AWS_ACCESS_KEY_ID=your_access_key_idset AWS_SECRET_ACCESS_KEY=your_secret_access_key

9

https://docs.amazonaws.cn/general/latest/gr/aws-security-credentials.html
Page 15: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSetting Credentials Using Aws.config

Setting Credentials Using Aws.configSet the credentials in your code by updating the values in the Aws.config hash.

The following example sets the value of your access key to your_access_key_id and the value of yoursecret access key to your_secret_access_key. Any client or resource you create subsequently will usethese credentials.

Aws.config.update({ credentials: Aws::Credentials.new('your_access_key_id', 'your_secret_access_key')})

Changing your Credentials LocationYou can also use Aws.config to store your credentials in a non-standard location.

The following example updates your configuration to store your credentials at my-path.

shared_creds = Aws::SharedCredentials.new(path: 'my_path')Aws.config.update(credentials: shared_creds)

Setting Credentials in a Client ObjectSet the credentials in your code by specifying them when you create an AWS client.

The following example creates an Amazon S3 client using the access key your_access_key_id and thesecret access key your_secret_access_key.

s3 = Aws::S3::Client.new( access_key_id: 'your_access_key_id', secret_access_key: 'your_secret_access_key')

Setting Credentials Using IAMFor an Amazon Elastic Compute Cloud instance, create an AWS Identity and Access Management role,and then give your Amazon EC2 instance access to that role. For more information, see IAM Roles forAmazon EC2 in the Amazon EC2 User Guide for Linux Instances or IAM Roles for Amazon EC2 in theAmazon EC2 User Guide for Windows Instances.

Creating an AWS STS Access TokenUse the Aws::AssumeRoleCredentials method to create an AWS Security Token Service (AWS STS) accesstoken.

The following example uses an access token to create an Amazon S3 client object, wherelinked::account::arn is the Amazon Resource Name (ARN) of the role to assume and session-name is an identifier for the assumed role session.

role_credentials = Aws::AssumeRoleCredentials.new( client: Aws::STS::Client.new, role_arn: "linked::account::arn", role_session_name: "session-name")

10

https://docs.amazonaws.cn/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html
https://docs.amazonaws.cn/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html
https://docs.amazonaws.cn/AWSEC2/latest/WindowsGuide/iam-roles-for-amazon-ec2.html
https://docs.amazonaws.cn/sdk-for-ruby/v3/api/Aws/AssumeRoleCredentials.html
Page 16: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSetting a Region

s3 = Aws::S3::Client.new(credentials: role_credentials)

Setting a RegionYou need to set a region when using most AWS services. You can set the AWS Region in ways similar tosetting your AWS credentials. The AWS SDK for Ruby searches for a region in the following order:

• Setting the Region in a Client or Resource Object (p. 11)• Setting the Region Using Aws.config (p. 11)• Setting the Region Using Environment Variables (p. 11)

The rest of this section describes how to set a region, starting with the most flexible approach.

Setting the Region Using Environment VariablesSet the region by setting the AWS_REGION environment variable.

Use the export command to set this variable on Unix-based systems, such as Linux or OS X. Thefollowing example sets the region to us-west-2.

export AWS_REGION=us-west-2

To set this variable on Windows, use the set command. The following example sets the region to us-west-2.

set AWS_REGION=us-west-2

Setting the Region Using Aws.configSet the region by adding a region value to the Aws.config hash. The following example updates theAws.config hash to use the us-west-1 region.

Aws.config.update({region: 'us-west-1'})

Any clients or resources you subsequently create are bound to this region.

Setting the Region in a Client or Resource ObjectSet the region when you create an AWS client or resource. The following example creates an Amazon S3resource object in the us-west-1 region.

s3 = Aws::S3::Resource.new(region: 'us-west-1')

Setting a Nonstandard EndpointIf you need to use a nonstandard endpoint in the region you’ve selected, add an endpoint entry toAws.config or set the endpoint: when creating a service client or resource object. The followingexample creates an Amazon S3 resource object in the other_endpoint endpoint.

11

https://docs.amazonaws.cn/general/latest/gr/rande.html
Page 17: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSDK Metrics

s3 = Aws::S3::Resource.new(endpoint: other_endpoint)

SDK Metrics in the AWS SDK for RubyAWS SDK Metrics for Enterprise Support (SDK Metrics) enables enterprise customers to collect metricsfrom AWS SDKs on their hosts and clients shared with AWS Enterprise Support. SDK Metrics providesinformation that helps speed up detection and diagnosis of issues occurring in connections to AWSservices for AWS Enterprise Support customers.

As telemetry is collected on each host, it is relayed via UDP to localhost, where the CloudWatch agentaggregates the data and sends it to the SDK Metrics service. Therefore, to receive metrics, you must addthe CloudWatch agent to your instance.

The following topics describe how to authorize, set up and configure, and define SDK Metrics in the AWSSDK for Ruby.

Topics• Authorize SDK Metrics to Collect and Send Metrics in the AWS SDK for Ruby (p. 12)• Set up SDK Metrics in the AWS SDK for Ruby (p. 14)• Definitions for SDK Metrics (p. 16)

Authorize SDK Metrics to Collect and Send Metrics inthe AWS SDK for RubyTo collect metrics from AWS SDKs using SDK Metrics for Enterprise Support, Enterprise customers mustcreate an IAM Role that gives CloudWatch agent permission to gather data from their Amazon EC2instance or production environment.

Use the following Ruby code sample or the AWS Console to create an IAM Policy and Role for anCloudWatch agent to access SDK Metrics in your environment.

Learn more about using SDK Metrics with AWS SDK for Ruby in Set up SDK Metrics in the AWS SDK forRuby (p. 14).

Set Up Access Permissions Using the AWS SDK for RubyCreate an IAM role for the instance that has permission for Amazon EC2 Systems Manager and SDKMetrics.

First, create a policy using CreatePolicy. Then create a role using CreateRole. Finally, attach the policy youcreated to your new role with AttachRolePolicy.

require 'aws-sdk-iam' # v2: require 'aws-sdk'

role_name = 'AmazonCSM'

client = Aws::IAM::Client.new(region: 'us-west-2')

csm_policy = { 'Version': '2012-10-17', 'Statement': [ {

12

Page 18: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideAuthorize SDK Metrics

'Effect': 'Allow', 'Action': [ 'sdkmetrics:*' ], 'Resource': '*' }, { 'Effect': 'Allow', 'Action': [ 'ssm:GetParameter' ], 'Resource': 'arn:aws:ssm:*:*:parameter/AmazonCSM*' } ]}

# Create policyresp = client.create_policy({ policy_name: role_name, policy_document: csm_policy.to_json, })

policy_arn = resp.policy.arn

puts 'Created policy with ARN: ' + policy_arn

policy_doc = { Version: '2012-10-17', Statement: [ { Effect: 'Allow', Principal: { Service: 'ec2.amazonaws.com' }, Action: 'sts:AssumeRole' },]}

# Create roleclient.create_role( { role_name: role_name, description: 'An instance role that has permission for AWS Systems Manager and SDK Metric Monitoring.', assume_role_policy_document: policy_doc.to_json, })

puts 'Created role ' + role_name

# Attach policy to roleclient.attach_role_policy( { policy_arn: policy_arn, role_name: role_name, })

puts 'Attached policy ' + role_name + 'policy to role: ' + role_name

Set Up Access Permissions by Using the IAM ConsoleAlternatively, you can use the IAM console to create a role.

1. Go to the IAM console, and create a role to use Amazon EC2.2. In the navigation pane, choose Roles.

13

Page 19: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSet Up SDK Metrics

3. Choose Create Role.4. Choose AWS Service, and then EC2.5. Choose Next: Permissions.6. Under Attach permissions policies, choose create policy.7. For Service, choose Systems Manager. For Actions, expand Read, and choose GetParameters. For

resources, specify your CloudWatch agent.8. Add additional permission.9. Select Choose a service, and then Enter service manually. For Service, enter sdkmetrics. Select all

sdkmetrics actions and all resources, and then choose Review Policy.10.Name the Role AmazonSDKMetrics, and add a description.11.Choose Create Role.

Set up SDK Metrics in the AWS SDK for RubyThe following steps demonstrate how to set up SDK Metrics for the AWS SDK for Ruby. These stepspertain to an Amazon EC2 instance running Amazon Linux for a client application that is using the AWSSDK for Ruby. SDK Metrics is also available for your production environments if you enable it whileconfiguring the AWS SDK for Ruby.

To use SDK Metrics, run the latest version of the CloudWatch agent.

For details about IAM Permissions for SDK Metrics, see Authorize SDK Metrics to Collect and Send Metricsin the AWS SDK for Ruby (p. 12).

To set up SDK Metrics with the AWS SDK for Ruby:

1. Create an application with an AWS SDK for Ruby client to use an AWS service.2. Host your project on an Amazon EC2 instance or in your local environment.3. Install and use the latest version of the AWS SDK for Ruby.4. Install and configure a CloudWatch agent on an Amazon EC2 instance or in your local environment.5. Authorize SDK Metrics to collect and send metrics.6. Enable SDK Metrics for the AWS SDK for Ruby (p. 14).

For more information, see:

• Update a CloudWatch Agent (p. 15).• Disable SDK Metrics (p. 16).

Enable SDK Metrics for the AWS SDK for RubyBy default, SDK Metrics is turned off, and the port is set to 31000. The following are the defaultparameters.

//default values[ 'enabled' => false, 'port' => 31000,]

Enabling SDK Metrics is independent of configuring your credentials to use an AWS service.

You can enable SDK Metrics by setting environment variables or by using the AWS Shared config file.

14

Page 20: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSet Up SDK Metrics

Option 1: Set Environment Variables

The SDK first checks the profile specified in the environment variable under AWS_PROFILE to determineif SDK Metrics is enabled.

To turn on SDK Metrics, add the following to your environmental variables.

export AWS_CSM_ENABLED=true

Other configuration settings are available, see update_cw_agent for details. For more information aboutusing shared files, see the environment variables information in configuring-sdk.

NoteEnabling SDK Metrics does not configure your credentials to use an AWS service. To do that, seespecifying-credentials.

Option 2: AWS Shared Config File

If no SDK Metrics configuration is found in the environment variables, the AWS SDK for Ruby looksfor your customized AWS profile field. Then it checks the aws_csm profile. To enable SDK Metrics, addcsm_enabled to the shared config file ~/.aws/config.

[default]csm_enabled = true

[profile aws_csm]csm_enabled = true

Other configuration settings are available, see update_cw_agent for details. For more information aboutusing shared files, see the environment variables information in configuring-sdk.

NoteEnabling SDK Metrics does not configure your credentials to use an AWS service. To do that, seespecifying-credentials.

Update a CloudWatch AgentTo make changes to the port ID, set the values and then restart any AWS jobs that are currently active.

Option 1: Set Environment Variables

Most AWS services use the default port. But if the service you want SDK Metrics to monitor uses a uniqueport, add AWS_CSM_PORT=[PORT-NUMBER], where PORT-NUMBER is the port number, to the host’senvironment variables.

export AWS_CSM_ENABLED=trueexport AWS_CSM_PORT=1234

Option 2: AWS Shared Config File

Most services use the default port. If your service requires a unique port ID, add AWS_CSM_PORT=[PORT-NUMBER], where PORT-NUMBER is the port number, to ~/.aws/config.

[default]csm_enabled = falsecsm_port = 1234

[profile aws_csm]csm_enabled = false

15

Page 21: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSDK Metric Definitions

csm_port = 1234

Restart SDK Metrics

To restart a job, run the following commands.

amazon-cloudwatch-agent-ctl -a stop;amazon-cloudwatch-agent-ctl -a start;

Disable SDK MetricsTo turn off SDK Metrics, set csm_enabled to false in your environment variables or in your AWS Sharedconfig file ~/.aws/config. Then restart your CloudWatch agent so that the changes can take effect.

Set csm_enabled to false

Option 1: Environment Variables

export AWS_CSM_ENABLED=false

Option 2: AWS Shared Config File

NoteEnvironment variables override the AWS Shared config file. If SDK Metrics is enabled in theenvironment variables, the SDK Metrics remains enabled.

[default]csm_enabled = false

[profile aws_csm]csm_enabled = false

Stop SDK Metrics and Restart CloudWatch Agent

To disable SDK Metrics, use the following command.

sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a stop&& echo "Done"

If you are using other CloudWatch features, restart CloudWatch with the following command.

amazon-cloudwatch-agent-ctl -a start;

Definitions for SDK MetricsUse the following descriptions of SDK Metrics to interpret your results. In general, these metrics areavailable for review with your Technical Account Manager during regular business reviews. AWS Supportresources and your Technical Account Manager should have access to SDK Metrics data to help youresolve cases, but if you discover data that is confusing or unexpected, but doesn’t seem to be negativelyimpacting your application’s performance, it is best to review that data during scheduled businessreviews.

Metric Definition How to use it

CallCount Total number of successful orfailed API calls from your codeto AWS services

Use it as a baseline to correlatewith other metrics like errors orthrottling.

16

Page 22: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSDK Metric Definitions

Metric Definition How to use it

ClientErrorCount Number of API calls that failwith client errors (4xx HTTPresponse codes). Examples:Throttling, Access denied, S3bucket does not exist, andInvalid parameter value.

Except in certain cases related tothrottling (ex. when throttlingoccurs due to a limit that needsto be increased) this metriccan indicate something in yourapplication that needs to befixed.

ConnectionErrorCount Number of API calls that failbecause of errors connecting tothe service. These can be causedby network issues betweenthe customer application andAWS services including loadbalancers, DNS failures, transitproviders. In some cases, AWSissues may result in this error.

Use this metric to determinewhether issues are specificto your application or arecaused by your infrastructureand/or network. HighConnectionErrorCount couldalso indicate short timeoutvalues for API calls.

ThrottleCount Number of API calls that fail dueto throttling by AWS services.

Use this metric to assess ifyour application has reachedthrottle limits, as well asto determine the cause ofretries and application latency.Consider distributing calls over awindow instead of batching yourcalls.

ServerErrorCount Number of API calls that faildue to server errors (5xx HTTPresponse codes) from AWSServices. These are typicallycaused by AWS services.

Determine cause of SDK retriesor latency. This metric willnot always indicate that AWSservices are at fault, as someAWS teams classify latency as anHTTP 503 response.

EndToEndLatency Total time for your applicationto make a call using the AWSSDK, inclusive of retries. In otherwords, regardless of whetherit is successful after severalattempts, or as soon as a callfails due to an unretriable error.

Determine how AWS API callscontribute to your application’soverall latency. Higher thanexpected latency may be causedby issues with network, firewall,or other configuration settings,or by latency that occurs as aresult of SDK retries.

17

Page 23: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideStep 1: Set up Your AWS Account to Use AWS Cloud9

Using AWS Cloud9 with the AWSSDK for Ruby

You can use AWS Cloud9 with the AWS SDK for Ruby to write and run your Ruby code using just abrowser. AWS Cloud9 includes tools such as a code editor and terminal. Because the AWS Cloud9 IDEis cloud based, you can work on your projects from your office, home, or anywhere using an internet-connected machine. For general information about AWS Cloud9, see the AWS Cloud9 User Guide.

Follow these instructions to set up AWS Cloud9 with the AWS SDK for Ruby:

• Step 1: Set up Your AWS Account to Use AWS Cloud9 (p. 18)• Step 2: Set up Your AWS Cloud9 Development Environment (p. 18)• Step 3: Set up the AWS SDK for Ruby (p. 18)• Step 4: Download Example Code (p. 19)• Step 5: Run Example Code (p. 19)

Step 1: Set up Your AWS Account to Use AWSCloud9

Start to use AWS Cloud9 by signing in to the AWS Cloud9 console as an AWS Identity and AccessManagement (IAM) entity (for example, an IAM user) in your AWS account who has access permissions forAWS Cloud9.

To set up an IAM entity in your AWS account to access AWS Cloud9, and to sign in to the AWS Cloud9console, see Team Setup for AWS Cloud9 in the AWS Cloud9 User Guide.

Step 2: Set up Your AWS Cloud9 DevelopmentEnvironment

After you sign in to the AWS Cloud9 console, use the console to create an AWS Cloud9 developmentenvironment. After you create the environment, AWS Cloud9 opens the IDE for that environment.

See Creating an Environment in AWS Cloud9 in the AWS Cloud9 User Guide for details.

NoteAs you create your environment in the console for the first time, we recommend that you choosethe option to Create a new instance for environment (EC2). This option tells AWS Cloud9 tocreate an environment, launch an Amazon EC2 instance, and then connect the new instance tothe new environment. This is the fastest way to begin using AWS Cloud9.

Step 3: Set up the AWS SDK for RubyAfter AWS Cloud9 opens the IDE for your development environment, use the IDE to set up the AWS SDKfor Ruby in your environment, as follows.

18

https://docs.amazonaws.cn/cloud9/latest/user-guide/setup.html
https://docs.amazonaws.cn/cloud9/latest/user-guide/create-environment.html
Page 24: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideStep 4: Download Example Code

1. If the terminal isn’t already open in the IDE, open it. On the menu bar in the IDE, choose Window,New Terminal.

2. Run the following command to install the AWS SDK for Ruby.

sudo gem install aws-sdk

If the IDE can’t find RubyGems, run the following command to install it. (This command assumes youchose the option to Create a new instance for environment (EC2), earlier in this topic.)

sudo yum -y install gem

If the IDE can’t find Ruby, run the following command to install it. (This command assumes you chose theoption to Create a new instance for environment (EC2), earlier in this topic.)

sudo yum -y install ruby

Step 4: Download Example CodeUse the terminal you opened in the previous step to download example code for the AWS SDK for Rubyinto the AWS Cloud9 development environment.

To do this, run the following command. This command downloads a copy of all of the code examplesused in the official AWS SDK documentation into your environment’s root directory.

git clone https://github.com/awsdocs/aws-doc-sdk-examples.git

To find code examples for the AWS SDK for Ruby, use the Environment window to open theENVIRONMENT_NAME/aws-doc-sdk-examples/ruby directory, where ENVIRONMENT_NAME is thename of your development environment.

To learn how to work with these and other code examples, see AWS SDK for Ruby CodeExamples (p. 29).

Step 5: Run Example CodeTo run code in your AWS Cloud9 development environment, see Run Your Code in the AWS Cloud9 UserGuide.

19

https://docs.amazonaws.cn/cloud9/latest/user-guide/build-run-debug.html#build-run-debug-run
Page 25: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideUsing the AWS SDK for Ruby REPL Tool

Using the AWS SDK for RubyThis section provides information about developing software with the AWS SDK for Ruby, including howto use some of the SDK’s advanced features.

Topics• Using the AWS SDK for Ruby REPL Tool (p. 20)• Using the SDK with Ruby on Rails (p. 20)• Migrating from Version 1 or 2 to Version 3 of the AWS SDK for Ruby (p. 21)• Debugging Tip: Getting Wire Trace Information from a Client (p. 23)• Stubbing Client Responses and Errors (p. 24)• Paging Response Data (p. 25)• Using Waiters (p. 26)• Specifying a Client Timeout Duration (p. 28)

Using the AWS SDK for Ruby REPL ToolDevelopers can use aws-v3.rb (formerly aws.rb), the interactive command line read-evaluate-printloop (REPL) console tool that is part of the aws-sdk gem.

Although aws-v3.rb does work with the Interactive Ruby Shell (irb), we recommend that you installpry, which provides a more powerful REPL environment.

Use the following command to install pry.

gem install pry

To use aws-v3.rb, you invoke it in a console window using one of the following two command lines.

aws-v3.rbaws-v3.rb -v

The second command line invokes the REPL with extensive HTTP wire logging, which providesinformation about the communication between the AWS SDK for Ruby and AWS. Use this command linewith caution, however, because it also adds overhead that can make your code run slower.

The REPL defines a helper object for every service class. Downcase the service module name to get thename of the helper object. For example, the names of the Amazon S3 and Amazon EC2 helper objectsare s3 and ec2, respectively.

Using the SDK with Ruby on RailsRuby on Rails provides a web development framework that makes it easy to create websites with Ruby.

AWS provides the aws-sdk-rails gem to enable easy integration with Rails. You can use AWS ElasticBeanstalk, AWS OpsWorks, AWS CodeDeploy, or the AWS Rails Provisioner to deploy and run your Railsapplications in the AWS Cloud.

For information on installing and using the aws-sdk-rails gem, see the GitHub repository https://github.com/aws/aws-sdk-rails.

20

http://rubyonrails.org/
https://github.com/awslabs/aws-rails-provisioner
https://github.com/aws/aws-sdk-rails
https://github.com/aws/aws-sdk-rails
Page 26: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideMigrating from Version 1 or 2 to

Version 3 of the AWS SDK for Ruby

Migrating from Version 1 or 2 to Version 3 of theAWS SDK for Ruby

The purpose of this topic is to help you migrate from version 1 or 2 of the AWS SDK for Ruby to version3.

Side-by-Side UsageIt isn’t necessary to replace the version 1 or 2 of the AWS SDK for Ruby with version 3. You can use themtogether in the same application. See this blog post for more information.

A quick example follows.

require 'aws-sdk-v1' # version 1require 'aws-sdk' # version 2require 'aws-sdk-s3' # version 3

s3 = AWS::S3::Client.new # version 1s3 = Aws::S3::Client.new # version 2 or 3

You don’t need to rewrite existing working version 1 or 2 code to start using the version 3 SDK. A validmigration strategy is to only write new code against the version 3 SDK.

General DifferencesVersion 3 differs from version 2 in one important way.

• Each service is available as a separate gem.

Version 2 differs from version 1 in several important ways.

• Different root namespace –Aws versus AWS. This enables side-by-side usage.

• Aws.config– Now a vanilla Ruby hash, instead of a method.

• Strict constructor options - When constructing a client or resource object in the version 1 SDK,unknown constructor options are ignored. In version 2, unknown constructor options trigger anArgumentError. For example:

# version 1AWS::S3::Client.new(http_reed_timeout: 10)# oops, typo'd option is ignored

# version 2Aws::S3::Client.new(http_reed_timeout: 10)# => raises ArgumentError

Client DifferencesThere are no differences between the client classes in version 2 and version 3.

Between version 1 and version 2, the client classes have the fewest external differences. Many serviceclients will have compatible interfaces after client construction. Some important differences:

21

http://ruby.awsblog.com/post/TxFKSK2QJE6RPZ/Upcoming-Stable-Release-of-AWS-SDK-for-Ruby-Version-2
Page 27: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideResource Differences

• Aws::S3::Client - The version 1 Amazon S3 client class was hand-coded. Version 2 is generatedfrom a service model. Method names and inputs are very different in version 2.

• Aws::EC2::Client- Version 2 uses plural names for output lists, version 1 uses the suffix _set. Forexample:

# version 1resp = AWS::EC2::Client.new.describe_security_groupsresp.security_group_set#=> [...]

# version 2resp = Aws::EC2::Client.new.describe_security_groupsresp.security_groups#=> [...]

• Aws::SWF::Client– Version 2 uses structured responses, where version 1 uses vanilla Ruby hashes.

• Service class renames – Version 2 uses a different name for multiple services:

• AWS::SimpleWorkflow has become Aws::SWF

• AWS::ELB has become Aws::ElasticLoadBalancing

• AWS::SimpleEmailService has become Aws::SES

• Client configuration options – Some of the version 1 configuration options are renamed in version 2.Others are removed or replaced. Here are the primary changes:

• :use_ssl has been removed. Version 2 uses SSL everywhere. To disable SSL you must configure an:endpoint that uses http://.

• :ssl_ca_file is now :ssl_ca_bundle

• :ssl_ca_path is now :ssl_ca_directory

• Added :ssl_ca_store.

• :endpoint must now be a fully qualified HTTP or HTTPS URI instead of a hostname.

• Removed :*_port options for each service, now replaced by :endpoint.

• :user_agent_prefix is now :user_agent_suffix

Resource DifferencesThere are no differences between the resource interfaces in version 2 and version 3.

There are significant differences between the resource interfaces in version 1 and version 2. Version 1was entirely hand-coded, where as version 2 resource interfaces are generated from a model. Version 2resource interfaces are significantly more consistent. Some of the systemic differences include:

• Separate resource class – In version 2, the service name is a module, not a class. In this module, it is theresource interface:

# version 1s3 = AWS::S3.new

# version 2s3 = Aws::S3::Resource.new

• Referencing resources – The version 2 SDK separates collections and individual resource getters intotwo different methods:

# version 1s3.buckets['bucket-name'].objects['key'].delete

22

Page 28: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideDebugging Tip: Getting Wire

Trace Information from a Client

# version 2s3.bucket('bucket-name').object('key').delete

• Batch operations – In version 1, all batch operations were hand-coded utilities. In version 2, manybatch operations are autogenerated batching operations over the API. Version 2 batching interfacesare very different from version 1.

Debugging Tip: Getting Wire Trace Informationfrom a Client

You can get wire trace information from an AWS client when you create it by setting thehttp_wire_trace option. This information helps differentiate client changes, service issues, and usererrors. The following example creates an Amazon S3 client with wire tracing enabled.

s3 = Aws::S3::Client.new(http_wire_trace: true)

Given the following code and the argument bucket_name, the output displays a message that sayswhether a bucket with that name exists.

require 'aws-sdk'

s3 = Aws::S3::Resource.new(client: Aws::S3::Client.new(http_wire_trace: true))

if s3.bucket(ARGV[0]).exists? puts "Bucket #{ARGV[0]} exists"else puts "Bucket #{ARGV[0]} does not exist"end

If the bucket exists, the output looks something like the following, where ACCESS_KEY is the value ofyour access key. (Returns were added to the HEAD line for readability.)

opening connection to bucket_name.s3-us-west-1.amazonaws.com:443...openedstarting SSL for bucket_name.s3-us-west-1.amazonaws.com:443...SSL established<- "HEAD / HTTP/1.1\r\n Content-Type: \r\n Accept-Encoding: \r\n User-Agent: aws-sdk-ruby2/2.2.7 ruby/2.1.7 x64-mingw32\r\n X-Amz-Date: 20160121T191751Z\r\n Host: bucket_name.s3-us-west-1.amazonaws.com\r\n X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855\r\n Authorization: AWS4-HMAC-SHA256 Credential=ACCESS_KEY/20160121/us-west-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=2ca8301c5e829700940d3cc3bca2a3e8d79d177f2c046c34a1a285770db63820\r\n Content-Length: 0\r\n Accept: */*\r\n \r\n"-> "HTTP/1.1 301 Moved Permanently\r\n"-> "x-amz-bucket-region: us-west-2\r\n"-> "x-amz-request-id: F3C75F33EF0792C4\r\n"-> "x-amz-id-2: N6BzRLx8b68NmF50g1IxLzT+E4uWPuAIRe7Pl4XKl5STT4tfNO7gBsO8qrrAnG4CbVpU0iIRXmk=\r\n"

23

Page 29: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideStubbing Client Responses and Errors

-> "Content-Type: application/xml\r\n"-> "Transfer-Encoding: chunked\r\n"-> "Date: Thu, 21 Jan 2016 19:17:54 GMT\r\n"-> "Server: AmazonS3\r\n"-> "\r\n"Conn keep-aliveBucket bucket_name exists

Stubbing Client Responses and ErrorsLearn how to stub client responses and client errors in an AWS SDK for Ruby application.

Stubbing Client ResponsesWhen you stub a response, the AWS SDK for Ruby disables network traffic and the client returns stubbed(or fake) data. If you don’t supply stubbed data, the client returns:

• Lists as empty arrays• Maps as empty hashes• Numeric values as zero• Dates as now

The following example returns stubbed names for the list of Amazon S3 buckets.

require 'aws-sdk'

s3 = Aws::S3::Client.new(stub_responses: true)

bucket_data = s3.stub_data(:list_buckets, :buckets => [{name:'aws-sdk'}, {name:'aws-sdk2'}])s3.stub_responses(:list_buckets, bucket_data)bucket_names = s3.list_buckets.buckets.map(&:name)

# List each bucket by namebucket_names.each do |name| puts nameend

Running this code displays the following.

aws-sdkaws-sdk2

NoteAfter you supply any stubbed data, the default values no longer apply for any remaininginstance attributes. This means that in the previous example, the remaining instance attribute,creation_date, is not now but nil.

The AWS SDK for Ruby validates your stubbed data. If you pass in data of the wrong type, it raises anArgumentError exception. For example, if instead of the previous assignment to bucket_data, youused the following:

bucket_data = s3.stub_data(:list_buckets, buckets:['aws-sdk', 'aws-sdk2'])

24

Page 30: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideStubbing Client Errors

The AWS SDK for Ruby raises two ArgumentError exceptions.

expected params[:buckets][0] to be a hashexpected params[:buckets][1] to be a hash

Stubbing Client ErrorsYou can also stub errors that the AWS SDK for Ruby raises for specific methods. The following exampledisplays Caught Timeout::Error error calling head_bucket on aws-sdk.

require 'aws-sdk'

s3 = Aws::S3::Client.new(stub_responses: true)s3.stub_responses(:head_bucket, Timeout::Error)

begin s3.head_bucket({bucket: 'aws-sdk'})rescue Exception => ex puts "Caught #{ex.class} error calling 'head_bucket' on 'aws-sdk'"end

Paging Response DataSome AWS calls provide paged responses to limit the amount of data returned with each response. Apage of data represents up to 1,000 items.

Paged Responses Are EnumerableThe simplest way to handle paged response data is to use the built-in enumerator in the response object,as shown in the following example.

s3 = Aws::S3::Client.new

s3.list_objects(bucket:'aws-sdk').each do |response| puts response.contents.map(&:key)end

This yields one response object per API call made, and enumerates objects in the named bucket. The SDKretrieves additional pages of data to complete the request.

Handling Paged Responses ManuallyTo handle paging yourself, use the response’s next_page? method to verify there are more pages toretrieve, or use the last_page? method to verify there are no more pages to retrieve.

If there are more pages, use the next_page (notice there is no ?) method to retrieve the next page ofresults, as shown in the following example.

s3 = Aws::S3::Client.new

# Get the first page of dataresponse = s3.list_objects(bucket:'aws-sdk')

# Get additional pages

25

Page 31: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuidePaged Data Classes

while response.next_page? do response = response.next_page # Use the response data here...end

NoteIf you call the next_page method and there are no more pages to retrieve, the SDK raises anAws::PageableResponse::LastPageError exception.

Paged Data ClassesPaged data in the AWS SDK for Ruby is handled by the Aws::PageableResponse class, which is includedwith Seahorse::Client::Response to provide access to paged data.

Using WaitersWaiters are utility methods that poll for a particular state to occur on a client. Waiters can fail after anumber of attempts at a polling interval defined for the service client. For an example of how a waiter isused, see Creating an Amazon DynamoDB Table (p. 60).

Invoking a WaiterTo invoke a waiter, call #wait_until on a service client. In the following example, a waiter waits untilthe instance i-12345678 is running before continuing.

ec2 = Aws::EC2::Client.new

begin ec2.wait_until(:instance_running, instance_ids:['i-12345678']) puts "instance running"rescue Aws::Waiters::Errors::WaiterFailed => error puts "failed waiting for instance running: #{error.message}"end

The first parameter is the waiter name, which is specific to the service client and indicates whichoperation is being waited for. The second parameter is a hash of parameters that are passed to the clientmethod called by the waiter, which varies according to the waiter name.

For a list of operations that can be waited for and the client methods called for each operation, see the#waiter_names and #wait_until field documentation for the client you are using.

Wait FailuresWaiters can fail with any of the following exceptions.

Aws::Waiters::Errors::FailureStateError

A failure state was encountered while waiting.Aws::Waiters::Errors::NoSuchWaiterError

The specified waiter name is not defined for the client being used.Aws::Waiters::Errors::TooManyAttemptsError

The number of attempts exceeded the waiter’s max_attempts value.

26

https://docs.amazonaws.cn/sdk-for-ruby/v3/api/Aws/PageableResponse/LastPageError.html
https://docs.amazonaws.cn/sdk-for-ruby/v3/api/Aws/PageableResponse.html
https://docs.amazonaws.cn/sdk-for-ruby/v3/api/Seahorse/Client/Response.html
https://docs.amazonaws.cn/sdk-for-ruby/v3/api//Aws/Waiters/Errors/FailureStateError.html
https://docs.amazonaws.cn/sdk-for-ruby/v3/api//Aws/Waiters/Errors/NoSuchWaiterError.html
https://docs.amazonaws.cn/sdk-for-ruby/v3/api//Aws/Waiters/Errors/TooManyAttemptsError.html
Page 32: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideConfiguring a Waiter

Aws::Waiters::Errors::UnexpectedError

An unexpected error occurred while waiting.Aws::Waiters::Errors::WaiterFailed

One of the wait states was exceeded or another failure occurred while waiting.

All of these errors—except NoSuchWaiterError—are based on WaiterFailed. To catch errors in awaiter, use WaiterFailed, as shown in the following example.

rescue Aws::Waiters::Errors::WaiterFailed => error puts "failed waiting for instance running: #{error.message}"end

Configuring a WaiterEach waiter has a default polling interval and a maximum number of attempts it will make beforereturning control to your program. To set these values, use the max_attempts and delay: parametersin your #wait_until call. The following example waits for up to 25 seconds, polling every five seconds.

# Poll for ~25 secondsclient.wait_until(...) do |w| w.max_attempts = 5 w.delay = 5end

To disable wait failures, set the value of either of these parameters to nil.

Extending a WaiterTo modify the behavior of waiters, you can register callbacks that are triggered before each pollingattempt and before waiting.

The following example implements an exponential backoff in a waiter by doubling the amount of time towait on every attempt.

ec2 = Aws::EC2::Client.new

ec2.wait_until(:instance_running, instance_ids:['i-12345678']) do |w| w.interval = 0 # disable normal sleep w.before_wait do |n, resp| sleep(n ** 2) endend

The following example disables the maximum number of attempts, and instead waits for one hour (3600seconds) before failing.

started_at = Time.nowclient.wait_until(...) do |w| # Disable max attempts w.max_attempts = nil

# Poll for one hour, instead of a number of attempts w.before_wait do |attempts, response| throw :failure if Time.now - started_at > 3600

27

https://docs.amazonaws.cn/sdk-for-ruby/v3/api//Aws/Waiters/Errors/UnexpectedError.html
https://docs.amazonaws.cn/sdk-for-ruby/v3/api//Aws/Waiters/Errors/WaiterFailed.html
Page 33: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSpecifying a Client Timeout Duration

endend

Specifying a Client Timeout DurationBy default, the AWS SDK for Ruby performs up to three retries, with 15 seconds between retries, for atotal of up to four attempts. Therefore, an operation could take up to 60 seconds to time out.

The following example creates an Amazon S3 client in the region us-west-2, and specifies to wait fiveseconds between two retries on every client operation. Therefore, Amazon S3 client operations couldtake up to 15 seconds to time out.

s3 = Aws::S3::Client.new( region: region, retry_limit: 2, retry_backoff: lambda { |c| sleep(5) })

28

Page 34: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideAWS CloudTrail Examples

AWS SDK for Ruby Code ExamplesThis section provides examples you can use to access AWS services by using the AWS SDK for Ruby.

Find the source code for these examples and others in the AWS documentation code examples repositoryon GitHub. To propose a new code example for the AWS documentation team to consider producing,create a new request. The team is looking to produce code examples that cover broader scenarios anduse cases, versus simple code snippets that cover only individual API calls. For instructions, see theProposing new code examples section in the Readme on GitHub.

Topics• CloudTrail Examples Using the AWS SDK for Ruby (p. 29)• Amazon CloudWatch Examples Using the AWS SDK for Ruby (p. 34)• CodeBuild Examples Using the AWS SDK for Ruby (p. 56)• Amazon DynamoDB Examples Using the AWS SDK for Ruby (p. 58)• Amazon EC2 Examples Using the AWS SDK for Ruby (p. 69)• AWS Elastic Beanstalk Examples Using the AWS SDK for Ruby (p. 106)• AWS Identity and Access Management (IAM) Examples Using the AWS SDK for Ruby (p. 108)• AWS Key Management Service Examples Using the AWS SDK for Ruby (p. 132)• AWS Lambda Examples Using the AWS SDK for Ruby (p. 135)• Amazon Polly Examples Using the AWS SDK for Ruby (p. 139)• Amazon RDS Examples Using the AWS SDK for Ruby (p. 142)• Amazon S3 Examples Using the AWS SDK for Ruby (p. 147)• Amazon SES Examples Using the AWS SDK for Ruby (p. 188)• Amazon SNS Examples Using the AWS SDK for Ruby (p. 192)• Amazon SQS Examples Using the AWS SDK for Ruby (p. 195)• Amazon WorkDocs Examples (p. 211)

CloudTrail Examples Using the AWS SDK for RubyCloudTrail is an AWS service that you can use to monitor your AWS deployments in the cloud bygetting a history of AWS API calls for your account. You can use the following AWS SDK for Ruby codeexamples to access AWS CloudTrail. For more information about CloudTrail, see the AWS CloudTraildocumentation.

Topics• Listing the CloudTrail Trails (p. 29)• Creating a CloudTrail Trail (p. 30)• Listing CloudTrail Trail Events (p. 32)• Deleting a CloudTrail Trail (p. 33)

Listing the CloudTrail TrailsThis example uses the describe_trails method to list the names of the CloudTrail trails and the bucket inwhich CloudTrail stores information in the us-west-2 region.

Choose Copy to save the code locally.

29

https://github.com/awsdocs/aws-doc-sdk-examples
https://github.com/awsdocs/aws-doc-sdk-examples
https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/README.rst
http://www.amazonaws.cn/documentation/cloudtrail/
http://www.amazonaws.cn/documentation/cloudtrail/
https://docs.amazonaws.cn/sdkforruby/api/Aws/CloudTrail/Client.html#describe_trails-instance_method
Page 35: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating a CloudTrail Trail

Create the file describe_trails.rb with the following code.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-cloudtrail' # v2: require 'aws-sdk'

# Create client in us-west-2client = Aws::CloudTrail::Client.new(region: 'us-west-2')

resp = client.describe_trails({})

putsputs "Found #{resp.trail_list.count} trail(s) in us-west-2:"puts

resp.trail_list.each do |trail| puts 'Name: ' + trail.name puts 'S3 bucket name: ' + trail.s3_bucket_name putsend

See the complete example on GitHub.

Creating a CloudTrail TrailThis example uses the create_trail method to create a CloudTrail trail in the us-west-2 region. Itrequires two inputs, the name of the trail and the name of the bucket in which CloudTrail storesinformation. If the bucket does not have the proper policy, include the -p flag to attach the correct policyto the bucket.

Choose Copy to save the code locally.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-cloudtrail' # v2: require 'aws-sdk'require 'aws-sdk-s3'require 'aws-sdk-sts'

# Attach IAM policy to bucketdef add_policy(bucket) # Get account ID using STS sts_client = Aws::STS::Client.new(region: 'us-west-2') resp = sts_client.get_caller_identity({})

30

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/example_code/cloudtrail/aws-ruby-sdk-cloudtrail-example-describe-trails.rb
https://docs.amazonaws.cn/sdkforruby/api/Aws/CloudTrail/Client.html#create_trail-instance_method
Page 36: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating a CloudTrail Trail

account_id = resp.account

# Attach policy to S3 bucket s3_client = Aws::S3::Client.new(region: 'us-west-2')

begin policy = { 'Version' => '2012-10-17', 'Statement' => [ { 'Sid' => 'AWSCloudTrailAclCheck20150319', 'Effect' => 'Allow', 'Principal' => { 'Service' => 'cloudtrail.amazonaws.com', }, 'Action' => 's3:GetBucketAcl', 'Resource' => 'arn:aws:s3:::' + bucket, }, { 'Sid' => 'AWSCloudTrailWrite20150319', 'Effect' => 'Allow', 'Principal' => { 'Service' => 'cloudtrail.amazonaws.com', }, 'Action' => 's3:PutObject', 'Resource' => 'arn:aws:s3:::' + bucket + '/AWSLogs/' + account_id + '/*', 'Condition' => { 'StringEquals' => { 's3:x-amz-acl' => 'bucket-owner-full-control', }, }, }, ] }.to_json

s3_client.put_bucket_policy( bucket: bucket, policy: policy )

puts 'Successfully added policy to bucket ' + bucket rescue StandardError => err puts 'Got error trying to add policy to bucket ' + bucket + ':' puts err exit 1 endend

# mainname = ''bucket = ''attach_policy = false

i = 0

while i < ARGV.length case ARGV[i] when '-b' i += 1 bucket = ARGV[i]

when '-p' attach_policy = true

else name = ARGV[i]

31

Page 37: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideListing CloudTrail Trail Events

end

i += 1end

if name == '' || bucket == '' puts 'You must supply a trail name and bucket name' puts USAGE exit 1end

if attach_policy add_policy(bucket)end

# Create client in us-west-2client = Aws::CloudTrail::Client.new(region: 'us-west-2')

begin client.create_trail({ name: name, # required s3_bucket_name: bucket, # required })

puts 'Successfully created CloudTrail ' + name + ' in us-west-2'rescue StandardError => err puts 'Got error trying to create trail ' + name + ':' puts err exit 1end

See the complete example on GitHub.

Listing CloudTrail Trail EventsThis example uses the lookup_events method to list the CloudTrail trail events in the us-west-2 region.

Choose Copy to save the code locally.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-cloudtrail' # v2: require 'aws-sdk'

def show_event(event) puts 'Event name: ' + event.event_name puts 'Event ID: ' + event.event_id puts "Event time: #{event.event_time}" puts 'User name: ' + event.username

puts 'Resources:'

event.resources.each do |r| puts ' Name: ' + r.resource_name puts ' Type: ' + r.resource_type

32

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/example_code/cloudtrail/aws-ruby-sdk-cloudtrail-example-create-trail.rb
https://docs.amazonaws.cn/sdkforruby/api/Aws/CloudTrail/Client.html#lookup_events-instance_method
Page 38: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideDeleting a CloudTrail Trail

puts '' endend

# Create client in us-west-2client = Aws::CloudTrail::Client.new(region: 'us-west-2')

resp = client.lookup_events()

putsputs "Found #{resp.events.count} events in us-west-2:"puts

resp.events.each do |e| show_event(e)end

See the complete example on GitHub.

Deleting a CloudTrail TrailThis example uses the delete_trail method to delete a CloudTrail trail in the us-west-2 region. Itrequires one input, the name of the trail.

Choose Copy to save the code locally.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-cloudtrail' # v2: require 'aws-sdk'

if ARGV.length != 1 puts 'You must supply the name of the trail to delete' exit 1end

name = ARGV[0]

# Create client in us-west-2client = Aws::CloudTrail::Client.new(region: 'us-west-2')

begin client.delete_trail({ name: name, # required })

puts 'Successfully deleted CloudTrail ' + name + ' in us-west-2'rescue StandardError => err puts 'Got error trying to delete trail ' + name + ':' puts err exit 1end

See the complete example on GitHub.

33

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/example_code/cloudtrail/aws-ruby-sdk-cloudtrail-example-lookup-events.rb
https://docs.amazonaws.cn/sdkforruby/api/Aws/CloudTrail/Client.html#delete_trail-instance_method
https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/example_code/cloudtrail/aws-ruby-sdk-cloudtrail-example-delete-trail.rb
Page 39: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideAmazon CloudWatch Examples

Amazon CloudWatch Examples Using the AWS SDKfor Ruby

Amazon CloudWatch (CloudWatch) is a monitoring service for AWS cloud resources and the applicationsyou run on AWS. You can use the following examples to access CloudWatch by using the AWS SDK forRuby. For more information about CloudWatch, see the Amazon CloudWatch documentation.

Topics• Getting Information about Amazon CloudWatch Alarms (p. 34)• Creating an Amazon CloudWatch Alarm (p. 35)• Enabling and Disabling Amazon CloudWatch Alarm Actions (p. 38)• Getting Information about Custom Metrics for Amazon CloudWatch (p. 40)• Sending Events to Amazon CloudWatch Events (p. 43)

Getting Information about Amazon CloudWatchAlarmsThe following code example displays information about available metric alarms in Amazon CloudWatch.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX-License-Identifier: Apache-2.0

require 'aws-sdk-cloudwatch'

# Displays information about available metric alarms in Amazon CloudWatch.## @param cloudwatch_client [Aws::CloudWatch::Client]# An initialized CloudWatch client.# @example# describe_metric_alarms(Aws::CloudWatch::Client.new(region: 'us-east-1'))def describe_metric_alarms(cloudwatch_client) response = cloudwatch_client.describe_alarms

if response.metric_alarms.count.positive? response.metric_alarms.each do |alarm| puts '-' * 16 puts 'Name: ' + alarm.alarm_name puts 'State value: ' + alarm.state_value puts 'State reason: ' + alarm.state_reason puts 'Metric: ' + alarm.metric_name puts 'Namespace: ' + alarm.namespace puts 'Statistic: ' + alarm.statistic puts 'Period: ' + alarm.period.to_s puts 'Unit: ' + alarm.unit.to_s puts 'Eval. periods: ' + alarm.evaluation_periods.to_s puts 'Threshold: ' + alarm.threshold.to_s puts 'Comp. operator: ' + alarm.comparison_operator

if alarm.key?(:ok_actions) && alarm.ok_actions.count.positive? puts 'OK actions:' alarm.ok_actions.each do |a| puts ' ' + a end end

if alarm.key?(:alarm_actions) && alarm.alarm_actions.count.positive?

34

http://www.amazonaws.cn/documentation/cloudwatch/
Page 40: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating an Amazon CloudWatch Alarm

puts 'Alarm actions:' alarm.alarm_actions.each do |a| puts ' ' + a end end

if alarm.key?(:insufficient_data_actions) && alarm.insufficient_data_actions.count.positive? puts 'Insufficient data actions:' alarm.insufficient_data_actions.each do |a| puts ' ' + a end end

puts 'Dimensions:' if alarm.key?(:dimensions) && alarm.dimensions.count.positive? alarm.dimensions.each do |d| puts ' Name: ' + d.name + ', Value: ' + d.value end else puts ' None for this alarm.' end end else puts 'No alarms found.' endrescue StandardError => e puts "Error getting information about alarms: #{e.message}"end

# Full example call:def run_me region = ''

# Print usage information and then stop. if ARGV[0] == '--help' || ARGV[0] == '-h' puts 'Usage: ruby cw-ruby-example-show-alarms.rb REGION' puts 'Example: ruby cw-ruby-example-show-alarms.rb us-east-1' exit 1 # If no values are specified at the command prompt, use these default values. elsif ARGV.count.zero? region = 'us-east-1' # Otherwise, use the values as specified at the command prompt. else region = ARGV[0] end

cloudwatch_client = Aws::CloudWatch::Client.new(region: region) puts 'Available alarms:' describe_metric_alarms(cloudwatch_client)end

run_me if $PROGRAM_NAME == __FILE__

Creating an Amazon CloudWatch AlarmThe following code example creates a new CloudWatch alarm (or updates an existing alarm, if an alarmwith the specified name already exists).

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX-License-Identifier: Apache-2.0

require 'aws-sdk-cloudwatch'

35

Page 41: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating an Amazon CloudWatch Alarm

# Creates or updates an alarm in Amazon CloudWatch.## @param cloudwatch_client [Aws::CloudWatch::Client]# An initialized CloudWatch client.# @param alarm_name [String] The name of the alarm.# @param alarm_description [String] A description about the alarm.# @param metric_name [String] The name of the metric associated with the alarm.# @param alarm_actions [Array] A list of Strings representing the# Amazon Resource Names (ARNs) to execute when the alarm transitions to the# ALARM state.# @param namespace [String] The namespace for the metric to alarm on.# @param statistic [String] The statistic for the metric.# @param dimensions [Array] A list of dimensions for the metric, specified as# Aws::CloudWatch::Types::Dimension.# @param period [Integer] The number of seconds before re-evaluating the metric.# @param unit [String] The unit of measure for the statistic.# @param evaluation_periods [Integer] The number of periods over which data is# compared to the specified threshold.# @param theshold [Float] The value against which the specified statistic is compared.# @param comparison_operator [String] The arithmetic operation to use when# comparing the specified statistic and threshold.# @return [Boolean] true if the alarm was created or updated; otherwise, false.# @example# exit 1 unless alarm_created_or_updated?(# Aws::CloudWatch::Client.new(region: 'us-east-1'),# 'ObjectsInBucket',# 'Objects exist in this bucket for more than 1 day.',# 'NumberOfObjects',# ['arn:aws:sns:us-east-1:111111111111:Default_CloudWatch_Alarms_Topic'],# 'AWS/S3',# 'Average',# [# {# name: 'BucketName',# value: 'doc-example-bucket'# },# {# name: 'StorageType',# value: 'AllStorageTypes'# }# ],# 86_400,# 'Count',# 1,# 1,# 'GreaterThanThreshold'# )def alarm_created_or_updated?( cloudwatch_client, alarm_name, alarm_description, metric_name, alarm_actions, namespace, statistic, dimensions, period, unit, evaluation_periods, threshold, comparison_operator) cloudwatch_client.put_metric_alarm( alarm_name: alarm_name, alarm_description: alarm_description,

36

Page 42: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating an Amazon CloudWatch Alarm

metric_name: metric_name, alarm_actions: alarm_actions, namespace: namespace, statistic: statistic, dimensions: dimensions, period: period, unit: unit, evaluation_periods: evaluation_periods, threshold: threshold, comparison_operator: comparison_operator ) return truerescue StandardError => e puts "Error creating alarm: #{e.message}" return falseend

# Full example call:def run_me alarm_name = 'ObjectsInBucket' alarm_description = 'Objects exist in this bucket for more than 1 day.' metric_name = 'NumberOfObjects' # Notify this Amazon Simple Notification Service (Amazon SNS) topic when # the alarm transitions to the ALARM state. alarm_actions = ['arn:aws:sns:us-east-1:111111111111:Default_CloudWatch_Alarms_Topic'] namespace = 'AWS/S3' statistic = 'Average' dimensions = [ { name: 'BucketName', value: 'doc-example-bucket' }, { name: 'StorageType', value: 'AllStorageTypes' } ] period = 86_400 # Daily (24 hours * 60 minutes * 60 seconds = 86400 seconds). unit = 'Count' evaluation_periods = 1 # More than one day. threshold = 1 # One object. comparison_operator = 'GreaterThanThreshold' # More than one object. region = 'us-east-1'

cloudwatch_client = Aws::CloudWatch::Client.new(region: region)

if alarm_created_or_updated?( cloudwatch_client, alarm_name, alarm_description, metric_name, alarm_actions, namespace, statistic, dimensions, period, unit, evaluation_periods, threshold, comparison_operator ) puts "Alarm '#{alarm_name}' created or updated." else puts "Could not create or update alarm '#{alarm_name}'." endend

37

Page 43: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideEnabling and Disabling Amazon CloudWatch Alarm Actions

run_me if $PROGRAM_NAME == __FILE__

Enabling and Disabling Amazon CloudWatch AlarmActionsThe following code example:

1. Creates and enables a new CloudWatch alarm (or updates an existing alarm, if an alarm with thespecified name already exists).

2. Disables the new or existing alarm. To enable the alarm again, call enable_alarm_actions.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX-License-Identifier: Apache-2.0

# The following code example shows how to:# 1. Create or update an Amazon CloudWatch alarm.# 2. Disable all actions for an alarm.

require 'aws-sdk-cloudwatch'

# Creates or updates an alarm in Amazon CloudWatch.## @param cloudwatch_client [Aws::CloudWatch::Client]# An initialized CloudWatch client.# @param alarm_name [String] The name of the alarm.# @param alarm_description [String] A description about the alarm.# @param metric_name [String] The name of the metric associated with the alarm.# @param alarm_actions [Array] A list of Strings representing the# Amazon Resource Names (ARNs) to execute when the alarm transitions to the# ALARM state.# @param namespace [String] The namespace for the metric to alarm on.# @param statistic [String] The statistic for the metric.# @param dimensions [Array] A list of dimensions for the metric, specified as# Aws::CloudWatch::Types::Dimension.# @param period [Integer] The number of seconds before re-evaluating the metric.# @param unit [String] The unit of measure for the statistic.# @param evaluation_periods [Integer] The number of periods over which data is# compared to the specified threshold.# @param theshold [Float] The value against which the specified statistic is compared.# @param comparison_operator [String] The arithmetic operation to use when# comparing the specified statistic and threshold.# @return [Boolean] true if the alarm was created or updated; otherwise, false.# @example# exit 1 unless alarm_created_or_updated?(# Aws::CloudWatch::Client.new(region: 'us-east-1'),# 'ObjectsInBucket',# 'Objects exist in this bucket for more than 1 day.',# 'NumberOfObjects',# ['arn:aws:sns:us-east-1:111111111111:Default_CloudWatch_Alarms_Topic'],# 'AWS/S3',# 'Average',# [# {# name: 'BucketName',# value: 'doc-example-bucket'# },# {# name: 'StorageType',# value: 'AllStorageTypes'

38

Page 44: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideEnabling and Disabling Amazon CloudWatch Alarm Actions

# }# ],# 86_400,# 'Count',# 1,# 1,# 'GreaterThanThreshold'# )def alarm_created_or_updated?( cloudwatch_client, alarm_name, alarm_description, metric_name, alarm_actions, namespace, statistic, dimensions, period, unit, evaluation_periods, threshold, comparison_operator) cloudwatch_client.put_metric_alarm( alarm_name: alarm_name, alarm_description: alarm_description, metric_name: metric_name, alarm_actions: alarm_actions, namespace: namespace, statistic: statistic, dimensions: dimensions, period: period, unit: unit, evaluation_periods: evaluation_periods, threshold: threshold, comparison_operator: comparison_operator ) return truerescue StandardError => e puts "Error creating alarm: #{e.message}" return falseend

# Disables an alarm in Amazon CloudWatch.## Prerequisites.## - The alarm to disable.## @param cloudwatch_client [Aws::CloudWatch::Client]# An initialized CloudWatch client.# @param alarm_name [String] The name of the alarm to disable.# @return [Boolean] true if the alarm was disabled; otherwise, false.# @example# exit 1 unless alarm_actions_disabled?(# Aws::CloudWatch::Client.new(region: 'us-east-1'),# 'ObjectsInBucket'# )def alarm_actions_disabled?(cloudwatch_client, alarm_name) cloudwatch_client.disable_alarm_actions(alarm_names: [alarm_name]) return truerescue StandardError => e puts "Error disabling alarm actions: #{e.message}" return falseend

39

Page 45: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideGetting Information about Custom

Metrics for Amazon CloudWatch

# Full example call:def run_me alarm_name = 'ObjectsInBucket' alarm_description = 'Objects exist in this bucket for more than 1 day.' metric_name = 'NumberOfObjects' # Notify this Amazon Simple Notification Service (Amazon SNS) topic when # the alarm transitions to the ALARM state. alarm_actions = ['arn:aws:sns:us-east-1:111111111111:Default_CloudWatch_Alarms_Topic'] namespace = 'AWS/S3' statistic = 'Average' dimensions = [ { name: 'BucketName', value: 'doc-example-bucket' }, { name: 'StorageType', value: 'AllStorageTypes' } ] period = 86_400 # Daily (24 hours * 60 minutes * 60 seconds = 86400 seconds). unit = 'Count' evaluation_periods = 1 # More than one day. threshold = 1 # One object. comparison_operator = 'GreaterThanThreshold' # More than one object. region = 'us-east-1'

cloudwatch_client = Aws::CloudWatch::Client.new(region: region)

if alarm_created_or_updated?( cloudwatch_client, alarm_name, alarm_description, metric_name, alarm_actions, namespace, statistic, dimensions, period, unit, evaluation_periods, threshold, comparison_operator ) puts "Alarm '#{alarm_name}' created or updated." else puts "Could not create or update alarm '#{alarm_name}'." end

if alarm_actions_disabled?(cloudwatch_client, alarm_name) puts "Alarm '#{alarm_name}' disabled." else puts "Could not disable alarm '#{alarm_name}'." endend

run_me if $PROGRAM_NAME == __FILE__

Getting Information about Custom Metrics forAmazon CloudWatchThe following code example:

40

Page 46: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideGetting Information about Custom

Metrics for Amazon CloudWatch

1. Adds datapoints to a custom metric in CloudWatch.

2. Displays a list of available metrics for a metric namespace in CloudWatch.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX-License-Identifier: Apache-2.0

# The following example shows how to:# 1. Add a datapoint to a metric in Amazon CloudWatch.# 2. List available metrics for a metric namespace in Amazon CloudWatch.

require 'aws-sdk-cloudwatch'

# Adds a datapoint to a metric in Amazon CloudWatch.## @param cloudwatch_client [Aws::CloudWatch::Client]# An initialized CloudWatch client.# @param metric_namespace [String] The namespace of the metric to add the# datapoint to.# @param metric_name [String] The name of the metric to add the datapoint to.# @param dimension_name [String] The name of the dimension to add the# datapoint to.# @param dimension_value [String] The value of the dimension to add the# datapoint to.# @param metric_value [Float] The value of the datapoint.# @param metric_unit [String] The unit of measurement for the datapoint.# @return [Boolean]# @example# exit 1 unless datapoint_added_to_metric?(# Aws::CloudWatch::Client.new(region: 'us-east-1'),# 'SITE/TRAFFIC',# 'UniqueVisitors',# 'SiteName',# 'example.com',# 5_885.0,# 'Count'# )def datapoint_added_to_metric?( cloudwatch_client, metric_namespace, metric_name, dimension_name, dimension_value, metric_value, metric_unit) cloudwatch_client.put_metric_data( namespace: metric_namespace, metric_data: [ { metric_name: metric_name, dimensions: [ { name: dimension_name, value: dimension_value } ], value: metric_value, unit: metric_unit } ] ) puts "Added data about '#{metric_name}' to namespace " \ "'#{metric_namespace}'."

41

Page 47: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideGetting Information about Custom

Metrics for Amazon CloudWatch

return truerescue StandardError => e puts "Error adding data about '#{metric_name}' to namespace " \ "'#{metric_namespace}': #{e.message}" return falseend

# Lists available metrics for a metric namespace in Amazon CloudWatch.## @param cloudwatch_client [Aws::CloudWatch::Client]# An initialized CloudWatch client.# @param metric_namespace [String] The namespace of the metric.# @example# list_metrics_for_namespace(# Aws::CloudWatch::Client.new(region: 'us-east-1'),# 'SITE/TRAFFIC'# )def list_metrics_for_namespace(cloudwatch_client, metric_namespace) response = cloudwatch_client.list_metrics(namespace: metric_namespace)

if response.metrics.count.positive? response.metrics.each do |metric| puts " Metric name: #{metric.metric_name}" if metric.dimensions.count.positive? puts ' Dimensions:' metric.dimensions.each do |dimension| puts " Name: #{dimension.name}, Value: #{dimension.value}" end else puts 'No dimensions found.' end end else puts "No metrics found for namespace '#{metric_namespace}'. " \ 'Note that it could take up to 15 minutes for recently-added metrics ' \ 'to become available.' endend

# Full example call:def run_me metric_namespace = 'SITE/TRAFFIC' region = 'us-east-1'

cloudwatch_client = Aws::CloudWatch::Client.new(region: region)

# Add three datapoints. puts 'Continuing...' unless datapoint_added_to_metric?( cloudwatch_client, metric_namespace, 'UniqueVisitors', 'SiteName', 'example.com', 5_885.0, 'Count' )

puts 'Continuing...' unless datapoint_added_to_metric?( cloudwatch_client, metric_namespace, 'UniqueVisits', 'SiteName', 'example.com', 8_628.0, 'Count' )

42

Page 48: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSending Events to Amazon CloudWatch Events

puts 'Continuing...' unless datapoint_added_to_metric?( cloudwatch_client, metric_namespace, 'PageViews', 'PageURL', 'example.html', 18_057.0, 'Count' )

puts "Metrics for namespace '#{metric_namespace}':" list_metrics_for_namespace(cloudwatch_client, metric_namespace)end

run_me if $PROGRAM_NAME == __FILE__

Sending Events to Amazon CloudWatch EventsThe following code example shows how to create and trigger a rule in Amazon CloudWatch Events. Thisrule sends a notification to the specified topic in Amazon Simple Notification Service (Amazon SNS)whenever an available instance in Amazon Elastic Compute Cloud (Amazon EC2) changes to a runningstate. Also, related event information is logged to a log group in CloudWatch Events.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX-License-Identifier: Apache-2.0

# The following code example shows how to create and trigger a rule in# Amazon CloudWatch Events. This rule sends a notification to the specified# topic in Amazon Simple Notification Service (Amazon SNS) whenever an# available instance in Amazon Elastic Compute Cloud (Amazon EC2) changes# to a running state. Also, related event information is logged to a log group# in Amazon CloudWatch Logs.## This code example works with the following AWS resources through the# following functions:## - A rule in Amazon CloudWatch Events. See the rule_exists?, rule_found?,# create_rule, and display_rule_activity functions.# - A role in AWS Identity and Access Management (IAM) to allow the rule# to work with Amazon CloudWatch Events. See role_exists?, role_found?,# and create_role.# - An Amazon EC2 instance, which triggers the rule whenever it is restarted.# See instance_restarted?.# - A topic and topic subscription in Amazon SNS for the rule to send event# notifications to. See topic_exists?, topic_found?, and create_topic.# - A log group in Amazon CloudWatch Logs to capture related event information.# See log_group_exists?, log_group_created?, log_event, and display_log_data.## This code example requires the following AWS resources to exist in advance:## - An Amazon EC2 instance to restart, which triggers the rule.## The run_me function toward the end of this code example calls the# preceding functions in the correct order.

require 'aws-sdk-sns'require 'aws-sdk-iam'require 'aws-sdk-cloudwatchevents'require 'aws-sdk-ec2'require 'aws-sdk-cloudwatch'require 'aws-sdk-cloudwatchlogs'require 'securerandom'

43

Page 49: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSending Events to Amazon CloudWatch Events

# Checks whether the specified Amazon Simple Notification Service# (Amazon SNS) topic exists among those provided to this function.# This is a helper function that is called by the topic_exists? function.## @param topics [Array] An array of Aws::SNS::Types::Topic objects.# @param topic_arn [String] The Amazon Resource Name (ARN) of the# topic to find.# @return [Boolean] true if the topic ARN was found; otherwise, false.# @example# sns_client = Aws::SNS::Client.new(region: 'us-east-1')# response = sns_client.list_topics# if topic_found?(# response.topics,# 'arn:aws:sns:us-east-1:111111111111:aws-doc-sdk-examples-topic'# )# puts 'Topic found.'# enddef topic_found?(topics, topic_arn) topics.each do |topic| return true if topic.topic_arn == topic_arn end return falseend

# Checks whether the specified topic exists among those available to the# caller in Amazon Simple Notification Service (Amazon SNS).## @param sns_client [Aws::SNS::Client] An initialized Amazon SNS client.# @param topic_arn [String] The Amazon Resource Name (ARN) of the# topic to find.# @return [Boolean] true if the topic ARN was found; otherwise, false.# @example# exit 1 unless topic_exists?(# Aws::SNS::Client.new(region: 'us-east-1'),# 'arn:aws:sns:us-east-1:111111111111:aws-doc-sdk-examples-topic'# )def topic_exists?(sns_client, topic_arn) puts "Searching for topic with ARN '#{topic_arn}'..." response = sns_client.list_topics if response.topics.count.positive? if topic_found?(response.topics, topic_arn) puts 'Topic found.' return true end while response.next_page? do response = response.next_page if response.topics.count.positive? if topic_found?(response.topics, topic_arn) puts 'Topic found.' return true end end end end puts 'Topic not found.' return falserescue StandardError => e puts "Topic not found: #{e.message}" return falseend

# Creates a topic in Amazon Simple Notification Service (Amazon SNS)# and then subscribes an email address to receive notifications to that topic.## @param sns_client [Aws::SNS::Client] An initialized Amazon SNS client.

44

Page 50: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSending Events to Amazon CloudWatch Events

# @param topic_name [String] The name of the topic to create.# @param email_address [String] The email address of the recipient to notify.# @return [String] The Amazon Resource Name (ARN) of the topic that# was created.# @example# puts create_topic(# Aws::SNS::Client.new(region: 'us-east-1'),# 'aws-doc-sdk-examples-topic',# '[email protected]'# )def create_topic(sns_client, topic_name, email_address) puts "Creating the topic named '#{topic_name}'..." topic_response = sns_client.create_topic(name: topic_name) puts "Topic created with ARN '#{topic_response.topic_arn}'." subscription_response = sns_client.subscribe( topic_arn: topic_response.topic_arn, protocol: 'email', endpoint: email_address, return_subscription_arn: true ) puts 'Subscription created with ARN ' \ "'#{subscription_response.subscription_arn}'. Have the owner of the " \ "email address '#{email_address}' check their inbox in a few minutes " \ 'and confirm the subscription to start receiving notification emails.' return topic_response.topic_arnrescue StandardError => e puts "Error creating or subscribing to topic: #{e.message}" return 'Error'end

# Checks whether the specified AWS Identity and Access Management (IAM)# role exists among those provided to this function.# This is a helper function that is called by the role_exists? function.## @param roles [Array] An array of Aws::IAM::Role objects.# @param role_arn [String] The Amazon Resource Name (ARN) of the# role to find.# @return [Boolean] true if the role ARN was found; otherwise, false.# @example# iam_client = Aws::IAM::Client.new(region: 'us-east-1')# response = iam_client.list_roles# if role_found?(# response.roles,# 'arn:aws:iam::111111111111:role/aws-doc-sdk-examples-ec2-state-change'# )# puts 'Role found.'# enddef role_found?(roles, role_arn) roles.each do |role| return true if role.arn == role_arn end return falseend

# Checks whether the specified role exists among those available to the# caller in AWS Identity and Access Management (IAM).## @param iam_client [Aws::IAM::Client] An initialized IAM client.# @param role_arn [String] The Amazon Resource Name (ARN) of the# role to find.# @return [Boolean] true if the role ARN was found; otherwise, false.# @example# exit 1 unless role_exists?(# Aws::IAM::Client.new(region: 'us-east-1'),# 'arn:aws:iam::111111111111:role/aws-doc-sdk-examples-ec2-state-change'# )

45

Page 51: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSending Events to Amazon CloudWatch Events

def role_exists?(iam_client, role_arn) puts "Searching for role with ARN '#{role_arn}'..." response = iam_client.list_roles if response.roles.count.positive? if role_found?(response.roles, role_arn) puts 'Role found.' return true end while response.next_page? do response = response.next_page if response.roles.count.positive? if role_found?(response.roles, role_arn) puts 'Role found.' return true end end end end puts 'Role not found.' return falserescue StandardError => e puts "Role not found: #{e.message}" return falseend

# Creates a role in AWS Identity and Access Management (IAM).# This role is used by a rule in Amazon CloudWatch Events to allow# that rule to operate within the caller's account.# This role is designed to be used specifically by this code example.## @param iam_client [Aws::IAM::Client] An initialized IAM client.# @param role_name [String] The name of the role to create.# @return [String] The Amazon Resource Name (ARN) of the role that# was created.# @example# puts create_role(# Aws::IAM::Client.new(region: 'us-east-1'),# 'aws-doc-sdk-examples-ec2-state-change'# )def create_role(iam_client, role_name) puts "Creating the role named '#{role_name}'..." response = iam_client.create_role( assume_role_policy_document: { 'Version': '2012-10-17', 'Statement': [ { 'Sid': '', 'Effect': 'Allow', 'Principal': { 'Service': 'events.amazonaws.com' }, 'Action': 'sts:AssumeRole' } ] }.to_json, path: '/', role_name: role_name ) puts "Role created with ARN '#{response.role.arn}'." puts 'Adding access policy to role...' iam_client.put_role_policy( policy_document: { 'Version': '2012-10-17', 'Statement': [ { 'Sid': 'CloudWatchEventsFullAccess',

46

Page 52: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSending Events to Amazon CloudWatch Events

'Effect': 'Allow', 'Resource': '*', 'Action': 'events:*' }, { 'Sid': 'IAMPassRoleForCloudWatchEvents', 'Effect': 'Allow', 'Resource': 'arn:aws:iam::*:role/AWS_Events_Invoke_Targets', 'Action': 'iam:PassRole' } ] }.to_json, policy_name: 'CloudWatchEventsPolicy', role_name: role_name ) puts 'Access policy added to role.' return response.role.arnrescue StandardError => e puts "Error creating role or adding policy to it: #{e.message}" puts 'If the role was created, you must add the access policy ' \ 'to the role yourself, or delete the role yourself and try again.' return 'Error'end

# Checks whether the specified AWS CloudWatch Events rule exists among# those provided to this function.# This is a helper function that is called by the rule_exists? function.## @param rules [Array] An array of Aws::CloudWatchEvents::Types::Rule objects.# @param rule_arn [String] The name of the rule to find.# @return [Boolean] true if the name of the rule was found; otherwise, false.# @example# cloudwatchevents_client = Aws::CloudWatch::Client.new(region: 'us-east-1')# response = cloudwatchevents_client.list_rules# if rule_found?(response.rules, 'aws-doc-sdk-examples-ec2-state-change')# puts 'Rule found.'# enddef rule_found?(rules, rule_name) rules.each do |rule| return true if rule.name == rule_name end return falseend

# Checks whether the specified rule exists among those available to the# caller in AWS CloudWatch Events.## @param cloudwatchevents_client [Aws::CloudWatchEvents::Client]# An initialized AWS CloudWatch Events client.# @param rule_name [String] The name of the rule to find.# @return [Boolean] true if the rule name was found; otherwise, false.# @example# exit 1 unless rule_exists?(# Aws::CloudWatch::Client.new(region: 'us-east-1')# 'aws-doc-sdk-examples-ec2-state-change'# )def rule_exists?(cloudwatchevents_client, rule_name) puts "Searching for rule with name '#{rule_name}'..." response = cloudwatchevents_client.list_rules if response.rules.count.positive? if rule_found?(response.rules, rule_name) puts 'Rule found.' return true end while response.next_page? do response = response.next_page

47

Page 53: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSending Events to Amazon CloudWatch Events

if response.rules.count.positive? if rule_found?(response.rules, rule_name) puts 'Rule found.' return true end end end end puts 'Rule not found.' return falserescue StandardError => e puts "Rule not found: #{e.message}" return falseend

# Creates a rule in AWS CloudWatch Events.# This rule is triggered whenever an available instance in# Amazon Elastic Compute Cloud (Amazon EC2) changes to the specified state.# This rule is designed to be used specifically by this code example.## Prerequisites:## - A role in AWS Identity and Access Management (IAM) that is designed# to be used specifically by this code example.# - A topic in Amazon Simple Notification Service (Amazon SNS).## @param cloudwatchevents_client [Aws::CloudWatchEvents::Client]# An initialized AWS CloudWatch Events client.# @param rule_name [String] The name of the rule to create.# @param rule_description [String] Some description for this rule.# @param instance_state [String] The state that available instances in# Amazon Elastic Compute Cloud (Amazon EC2) must change to, to# trigger this rule.# @param role_arn [String] The Amazon Resource Name (ARN) of the IAM role.# @param target_id [String] Some identifying string for the rule's target.# @param topic_arn [String] The ARN of the Amazon SNS topic.# @return [Boolean] true if the rule was created; otherwise, false.# @example# exit 1 unless rule_created?(# Aws::CloudWatch::Client.new(region: 'us-east-1'),# 'aws-doc-sdk-examples-ec2-state-change',# 'Triggers when any available EC2 instance starts.',# 'running',# 'arn:aws:iam::111111111111:role/aws-doc-sdk-examples-ec2-state-change',# 'sns-topic',# 'arn:aws:sns:us-east-1:111111111111:aws-doc-sdk-examples-topic'# )def rule_created?( cloudwatchevents_client, rule_name, rule_description, instance_state, role_arn, target_id, topic_arn) puts "Creating rule with name '#{rule_name}'..." put_rule_response = cloudwatchevents_client.put_rule( name: rule_name, description: rule_description, event_pattern: { 'source': [ 'aws.ec2' ], 'detail-type': [ 'EC2 Instance State-change Notification'

48

Page 54: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSending Events to Amazon CloudWatch Events

], 'detail': { 'state': [ instance_state ] } }.to_json, state: 'ENABLED', role_arn: role_arn ) puts "Rule created with ARN '#{put_rule_response.rule_arn}'."

put_targets_response = cloudwatchevents_client.put_targets( rule: rule_name, targets: [ { id: target_id, arn: topic_arn } ] ) if put_targets_response.key?(:failed_entry_count) && put_targets_response.failed_entry_count > 0 puts 'Error(s) adding target to rule:' put_targets_response.failed_entries.each do |failure| puts failure.error_message end return false else return true endrescue StandardError => e puts "Error creating rule or adding target to rule: #{e.message}" puts 'If the rule was created, you must add the target ' \ 'to the rule yourself, or delete the rule yourself and try again.' return falseend

# Checks to see whether the specified log group exists among those available# to the caller in Amazon CloudWatch Logs.## @param cloudwatchlogs_client [Aws::CloudWatchLogs::Client] An initialized# Amazon CloudWatch Logs client.# @param log_group_name [String] The name of the log group to find.# @return [Boolean] true if the log group name was found; otherwise, false.# @example# exit 1 unless log_group_exists?(# Aws::CloudWatchLogs::Client.new(region: 'us-east-1'),# 'aws-doc-sdk-examples-cloudwatch-log'# )def log_group_exists?(cloudwatchlogs_client, log_group_name) puts "Searching for log group with name '#{log_group_name}'..." response = cloudwatchlogs_client.describe_log_groups( log_group_name_prefix: log_group_name ) if response.log_groups.count.positive? response.log_groups.each do |log_group| if log_group.log_group_name == log_group_name puts 'Log group found.' return true end end end puts 'Log group not found.' return falserescue StandardError => e

49

Page 55: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSending Events to Amazon CloudWatch Events

puts "Log group not found: #{e.message}" return falseend

# Creates a log group in Amazon CloudWatch Logs.## @param cloudwatchlogs_client [Aws::CloudWatchLogs::Client] An initialized# Amazon CloudWatch Logs client.# @param log_group_name [String] The name of the log group to create.# @return [Boolean] true if the log group name was created; otherwise, false.# @example# exit 1 unless log_group_created?(# Aws::CloudWatchLogs::Client.new(region: 'us-east-1'),# 'aws-doc-sdk-examples-cloudwatch-log'# )def log_group_created?(cloudwatchlogs_client, log_group_name) puts "Attempting to create log group with the name '#{log_group_name}'..." cloudwatchlogs_client.create_log_group(log_group_name: log_group_name) puts 'Log group created.' return truerescue StandardError => e puts "Error creating log group: #{e.message}" return falseend

# Writes an event to a log stream in Amazon CloudWatch Logs.## Prerequisites:## - A log group in Amazon CloudWatch Logs.# - A log stream within the log group.## @param cloudwatchlogs_client [Aws::CloudWatchLogs::Client] An initialized# Amazon CloudWatch Logs client.# @param log_group_name [String] The name of the log group.# @param log_stream_name [String] The name of the log stream within# the log group.# @param message [String] The message to write to the log stream.# @param sequence_token [String] If available, the sequence token from the# message that was written immediately before this message. This sequence# token is returned by Amazon CloudWatch Logs whenever you programmatically# write a message to the log stream.# @return [String] The sequence token that is returned by# Amazon CloudWatch Logs after successfully writing the message to the# log stream.# @example# puts log_event(# Aws::EC2::Client.new(region: 'us-east-1'),# 'aws-doc-sdk-examples-cloudwatch-log'# '2020/11/19/53f985be-199f-408e-9a45-fc242df41fEX',# "Instance 'i-033c48ef067af3dEX' restarted.",# '495426724868310740095796045676567882148068632824696073EX'# )def log_event( cloudwatchlogs_client, log_group_name, log_stream_name, message, sequence_token) puts "Attempting to log '#{message}' to log stream '#{log_stream_name}'..." event = { log_group_name: log_group_name, log_stream_name: log_stream_name, log_events: [ {

50

Page 56: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSending Events to Amazon CloudWatch Events

timestamp: (Time.now.utc.to_f.round(3) * 1_000).to_i, message: message } ] } unless sequence_token.empty? event[:sequence_token] = sequence_token end

response = cloudwatchlogs_client.put_log_events(event) puts 'Message logged.' return response.next_sequence_tokenrescue StandardError => e puts "Message not logged: #{e.message}"end

# Restarts an Amazon Elastic Compute Cloud (Amazon EC2) instance# and adds information about the related activity to a log stream# in Amazon CloudWatch Logs.## Prerequisites:## - The Amazon EC2 instance to restart.# - The log group in Amazon CloudWatch Logs to add related activity# information to.## @param ec2_client [Aws::EC2::Client] An initialized Amazon EC2 client.# @param cloudwatchlogs_client [Aws::CloudWatchLogs::Client]# An initialized Amazon CloudWatch Logs client.# @param instance_id [String] The ID of the instance.# @param log_group_name [String] The name of the log group.# @return [Boolean] true if the instance was restarted and the information# was written to the log stream; otherwise, false.# @example# exit 1 unless instance_restarted?(# Aws::EC2::Client.new(region: 'us-east-1'),# Aws::CloudWatchLogs::Client.new(region: 'us-east-1'),# 'i-033c48ef067af3dEX',# 'aws-doc-sdk-examples-cloudwatch-log'# )def instance_restarted?( ec2_client, cloudwatchlogs_client, instance_id, log_group_name) log_stream_name = "#{Time.now.year}/#{Time.now.month}/#{Time.now.day}/" \ "#{SecureRandom.uuid}" cloudwatchlogs_client.create_log_stream( log_group_name: log_group_name, log_stream_name: log_stream_name ) sequence_token = ''

puts "Attempting to stop the instance with the ID '#{instance_id}'. " \ 'This might take a few minutes...' ec2_client.stop_instances(instance_ids: [instance_id]) ec2_client.wait_until(:instance_stopped, instance_ids: [instance_id]) puts 'Instance stopped.' sequence_token = log_event( cloudwatchlogs_client, log_group_name, log_stream_name, "Instance '#{instance_id}' stopped.", sequence_token )

51

Page 57: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSending Events to Amazon CloudWatch Events

puts 'Attempting to restart the instance. This might take a few minutes...' ec2_client.start_instances(instance_ids: [instance_id]) ec2_client.wait_until(:instance_running, instance_ids: [instance_id]) puts 'Instance restarted.' sequence_token = log_event( cloudwatchlogs_client, log_group_name, log_stream_name, "Instance '#{instance_id}' restarted.", sequence_token )

return truerescue StandardError => e puts 'Error creating log stream or stopping or restarting the instance: ' \ "#{e.message}" log_event( cloudwatchlogs_client, log_group_name, log_stream_name, "Error stopping or starting instance '#{instance_id}': #{e.message}", sequence_token ) return falseend

# Displays information about activity for a rule in Amazon CloudWatch Events.## Prerequisites:## - A rule in Amazon CloudWatch Events.## @param cloudwatch_client [Amazon::CloudWatch::Client] An initialized# Amazon CloudWatch client.# @param rule_name [String] The name of the rule.# @param start_time [Time] The timestamp that determines the first datapoint# to return. Can also be expressed as DateTime, Date, Integer, or String.# @param end_time [Time] The timestamp that determines the last datapoint# to return. Can also be expressed as DateTime, Date, Integer, or String.# @param period [Integer] The interval, in seconds, to check for activity.# @example# display_rule_activity(# Aws::CloudWatch::Client.new(region: 'us-east-1'),# 'aws-doc-sdk-examples-ec2-state-change',# Time.now - 600, # Start checking from 10 minutes ago.# Time.now, # Check up until now.# 60 # Check every minute during those 10 minutes.# )def display_rule_activity( cloudwatch_client, rule_name, start_time, end_time, period) puts 'Attempting to display rule activity...' response = cloudwatch_client.get_metric_statistics( namespace: 'AWS/Events', metric_name: 'Invocations', dimensions: [ { name: 'RuleName', value: rule_name } ],

52

Page 58: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSending Events to Amazon CloudWatch Events

start_time: start_time, end_time: end_time, period: period, statistics: ['Sum'], unit: 'Count' )

if response.key?(:datapoints) && response.datapoints.count.positive? puts "The event rule '#{rule_name}' was triggered:" response.datapoints.each do |datapoint| puts " #{datapoint.sum} time(s) at #{datapoint.timestamp}" end else puts "The event rule '#{rule_name}' was not triggered during the " \ 'specified time period.' endrescue StandardError => e puts "Error getting information about event rule activity: #{e.message}"end

# Displays log information for all of the log streams in a log group in# Amazon CloudWatch Logs.## Prerequisites:## - A log group in Amazon CloudWatch Logs.## @param cloudwatchlogs_client [Amazon::CloudWatchLogs::Client] An initialized# Amazon CloudWatch Logs client.# @param log_group_name [String] The name of the log group.# @example# display_log_data(# Amazon::CloudWatchLogs::Client.new(region: 'us-east-1'),# 'aws-doc-sdk-examples-cloudwatch-log'# )def display_log_data(cloudwatchlogs_client, log_group_name) puts 'Attempting to display log stream data for the log group ' \ "named '#{log_group_name}'..." describe_log_streams_response = cloudwatchlogs_client.describe_log_streams( log_group_name: log_group_name, order_by: 'LastEventTime', descending: true ) if describe_log_streams_response.key?(:log_streams) && describe_log_streams_response.log_streams.count.positive? describe_log_streams_response.log_streams.each do |log_stream| get_log_events_response = cloudwatchlogs_client.get_log_events( log_group_name: log_group_name, log_stream_name: log_stream.log_stream_name ) puts "\nLog messages for '#{log_stream.log_stream_name}':" puts '-' * (log_stream.log_stream_name.length + 20) if get_log_events_response.key?(:events) && get_log_events_response.events.count.positive? get_log_events_response.events.each do |event| puts event.message end else puts 'No log messages for this log stream.' end end endrescue StandardError => e puts 'Error getting information about the log streams or their messages: ' \ "#{e.message}"end

53

Page 59: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSending Events to Amazon CloudWatch Events

# Displays a reminder to the caller to manually clean up any associated# AWS resources that they no longer need.## @param topic_name [String] The name of the Amazon SNS topic.# @param role_name [String] The name of the IAM role.# @param rule_name [String] The name of the Amazon CloudWatch Events rule.# @param log_group_name [String] The name of the Amazon CloudWatch Logs log group.# @param instance_id [String] The ID of the Amazon EC2 instance.# @example# manual_cleanup_notice(# 'aws-doc-sdk-examples-topic',# 'aws-doc-sdk-examples-cloudwatch-events-rule-role',# 'aws-doc-sdk-examples-ec2-state-change',# 'aws-doc-sdk-examples-cloudwatch-log',# 'i-033c48ef067af3dEX'# )def manual_cleanup_notice( topic_name, role_name, rule_name, log_group_name, instance_id) puts '-' * 10 puts 'Some of the following AWS resources might still exist in your account.' puts 'If you no longer want to use this code example, then to clean up' puts 'your AWS account and avoid unexpected costs, you might want to' puts 'manually delete any of the following resources if they exist:' puts "- The Amazon SNS topic named '#{topic_name}'." puts "- The IAM role named '#{role_name}'." puts "- The Amazon CloudWatch Events rule named '#{rule_name}'." puts "- The Amazon CloudWatch Logs log group named '#{log_group_name}'." puts "- The Amazon EC2 instance with the ID '#{instance_id}'."end

# Full example call:def run_me # Properties for the Amazon SNS topic. topic_name = 'aws-doc-sdk-examples-topic' email_address = '[email protected]' # Properties for the IAM role. role_name = 'aws-doc-sdk-examples-cloudwatch-events-rule-role' # Properties for the Amazon CloudWatch Events rule. rule_name = 'aws-doc-sdk-examples-ec2-state-change' rule_description = 'Triggers when any available EC2 instance starts.' instance_state = 'running' target_id = 'sns-topic' # Properties for the Amazon EC2 instance. instance_id = 'i-033c48ef067af3dEX' # Properties for displaying the event rule's activity. start_time = Time.now - 600 # Go back over the past 10 minutes # (10 minutes * 60 seconds = 600 seconds). end_time = Time.now period = 60 # Look back every 60 seconds over the past 10 minutes. # Properties for the Amazon CloudWatch Logs log group. log_group_name = 'aws-doc-sdk-examples-cloudwatch-log' # AWS service clients for this code example. region = 'us-east-1' sts_client = Aws::STS::Client.new(region: region) sns_client = Aws::SNS::Client.new(region: region) iam_client = Aws::IAM::Client.new(region: region) cloudwatchevents_client = Aws::CloudWatchEvents::Client.new(region: region) ec2_client = Aws::EC2::Client.new(region: region) cloudwatch_client = Aws::CloudWatch::Client.new(region: region) cloudwatchlogs_client = Aws::CloudWatchLogs::Client.new(region: region)

# Get the caller's account ID for use in forming # Amazon Resource Names (ARNs) that this code relies on later. account_id = sts_client.get_caller_identity.account

54

Page 60: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSending Events to Amazon CloudWatch Events

# If the Amazon SNS topic doesn't exist, create it. topic_arn = "arn:aws:sns:#{region}:#{account_id}:#{topic_name}" unless topic_exists?(sns_client, topic_arn) topic_arn = create_topic(sns_client, topic_name, email_address) if topic_arn == 'Error' puts 'Could not create the Amazon SNS topic correctly. Program stopped.' manual_cleanup_notice( topic_name, role_name, rule_name, log_group_name, instance_id ) exit 1 end end

# If the IAM role doesn't exist, create it. role_arn = "arn:aws:iam::#{account_id}:role/#{role_name}" unless role_exists?(iam_client, role_arn) role_arn = create_role(iam_client, role_name) if role_arn == 'Error' puts 'Could not create the IAM role correctly. Program stopped.' manual_cleanup_notice( topic_name, role_name, rule_name, log_group_name, instance_id ) end end

# If the Amazon CloudWatch Events rule doesn't exist, create it. unless rule_exists?(cloudwatchevents_client, rule_name) unless rule_created?( cloudwatchevents_client, rule_name, rule_description, instance_state, role_arn, target_id, topic_arn ) puts 'Could not create the Amazon CloudWatch Events rule correctly. ' \ 'Program stopped.' manual_cleanup_notice( topic_name, role_name, rule_name, log_group_name, instance_id ) end end

# If the Amazon CloudWatch Logs log group doesn't exist, create it. unless log_group_exists?(cloudwatchlogs_client, log_group_name) unless log_group_created?(cloudwatchlogs_client, log_group_name) puts 'Could not create the Amazon CloudWatch Logs log group ' \ 'correctly. Program stopped.' manual_cleanup_notice( topic_name, role_name, rule_name, log_group_name, instance_id ) end end

# Restart the Amazon EC2 instance, which triggers the rule. unless instance_restarted?( ec2_client, cloudwatchlogs_client, instance_id, log_group_name ) puts 'Could not restart the instance to trigger the rule. ' \ 'Continuing anyway to show information about the rule and logs...' end

55

Page 61: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideAWS CodeBuild Examples

# Display how many times the rule was triggered over the past 10 minutes. display_rule_activity( cloudwatch_client, rule_name, start_time, end_time, period )

# Display related log data in Amazon CloudWatch Logs. display_log_data(cloudwatchlogs_client, log_group_name)

# Reminder the caller to clean up any AWS resources that are used # by this code example and are no longer needed. manual_cleanup_notice( topic_name, role_name, rule_name, log_group_name, instance_id )end

run_me if $PROGRAM_NAME == __FILE__

CodeBuild Examples Using the AWS SDK for RubyCodeBuild is a fully managed build service that compiles source code, runs tests, and produces softwarepackages that are ready to deploy. You can use the following AWS SDK for Ruby code examples to accessAWS CodeBuild. For more information about CodeBuild, see the AWS CodeBuild documentation.

Topics• Getting Information about All AWS CodeBuild Projects (p. 56)• Building an AWS CodeBuild Project (p. 57)• Listing AWS CodeBuild Project Builds (p. 57)

Getting Information about All AWS CodeBuildProjectsThe following example lists the names of up to 100 of your AWS CodeBuild projects.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-codebuild' # v2: require 'aws-sdk'

client = Aws::CodeBuild::Client.new(region: 'us-west-2')

resp = client.list_projects({ sort_by: 'NAME', # accepts NAME, CREATED_TIME, LAST_MODIFIED_TIME sort_order: 'ASCENDING' # accepts ASCENDING, DESCENDING

56

http://www.amazonaws.cn/documentation/codebuild/
Page 62: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideBuilding an AWS CodeBuild Project

})

resp.projects.each { |p| puts p }

puts

Choose Copy to save the code locally. See the complete example on GitHub.

Building an AWS CodeBuild ProjectThe following example builds the AWS CodeBuild project specified on the command line. If no commandline argument is supplied, it emits an error and quits.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-codebuild' # v2: require 'aws-sdk'

project_name = ''

if ARGV.length != 1 puts 'You must supply the name of the project to build' exit 1else project_name = ARGV[0]end

client = Aws::CodeBuild::Client.new(region: 'us-west-2')

begin client.start_build(project_name: project_name) puts 'Building project ' + project_namerescue StandardError => ex puts 'Error building project: ' + ex.messageend

Choose Copy to save the code locally. See the complete example on GitHub.

Listing AWS CodeBuild Project BuildsThe following example displays information about your AWS CodeBuild project builds. This informationincludes the name of the project, when the build started, and how long each phase of the build took, inseconds.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/#

57

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/codebuild/aws-ruby-sdk-codebuild-example-list-projects.rb
https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/codebuild/aws-ruby-sdk-codebuild-example-build-project.rb
Page 63: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideAmazon DynamoDB Examples

# This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-codebuild' # v2: require 'aws-sdk'

client = Aws::CodeBuild::Client.new(region: 'us-west-2')

build_list = client.list_builds({sort_order: 'ASCENDING', })

builds = client.batch_get_builds({ids: build_list.ids})

builds.builds.each do |build| puts 'Project: ' + build.project_name puts 'Phase: ' + build.current_phase puts 'Status: ' + build.build_statusend

Choose Copy to save the code locally. See the complete example on GitHub.

Amazon DynamoDB Examples Using the AWS SDKfor Ruby

Amazon DynamoDB is a fully managed NoSQL database service that provides fast and predictableperformance with seamless scalability. You can use the following examples to access DynamoDB servicesby using the AWS SDK for Ruby. For more information about DynamoDB, see the Amazon DynamoDBdocumentation. Specifically, see Ruby and DynamoDB to learn how to:

• Create a table.• Load sample data in JSON format.• Perform create, read, update, and delete operations on a table item.• Run simple queries.

The topic also provides a link to a downloadable version of DynamoDB, which includes an interactiveweb interface so you can experiment with DynamoDB offline.

Topics• Getting Information about All Amazon DynamoDB Tables (p. 58)• Creating an Amazon DynamoDB Table (p. 60)• Adding an Item to an Amazon DynamoDB Table (p. 61)• Loading Items from a JSON File into an Amazon DynamoDB Table (p. 63)• Reading an Item in an Amazon DynamoDB Table (p. 65)• Updating an Amazon DynamoDB Table Item (p. 66)• Deleting an Amazon DynamoDB Table Item (p. 67)• Deleting an Amazon DynamoDB Table (p. 68)

Getting Information about All Amazon DynamoDBTablesThe following example lists the names and number of items in each table in the us-west-2 region.

58

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/codebuild/aws-ruby-sdk-codebuild-example-list-builds.rb
http://www.amazonaws.cn/documentation/dynamodb
http://www.amazonaws.cn/documentation/dynamodb
https://docs.amazonaws.cn/amazondynamodb/latest/developerguide/GettingStarted.Ruby.html
Page 64: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideGetting Information about All Amazon DynamoDB Tables

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX-License-Identifier: Apache-2.0

require 'aws-sdk-dynamodb'

# Gets a list of available table names in Amazon DynamoDB.## @param dynamodb_client [Aws::DynamoDB::Client] An initialized# Amazon DynamoDB client.# @return [Array] The list of available table names as an array of type String.# @example# table_names = get_table_names(# Aws::DynamoDB::Client.new(region, 'us-west-2')# )# table_names.each do |table_name|# puts table_name# enddef get_table_names(dynamodb_client) result = dynamodb_client.list_tables result.table_namesrescue StandardError => e puts "Error getting table names: #{e.message}" 'Error'end

# Gets a count of items in a table in Amazon DynamoDB.## @param dynamodb_client [Aws::DynamoDB::Client] An initialized# Amazon DynamoDB client.# @param table_name [String] The name of the table.# @return [Integer] The number of items in the table.# @example# puts get_count_of_table_items(# Aws::DynamoDB::Client.new(region, 'us-west-2'),# 'Movies'# )def get_count_of_table_items(dynamodb_client, table_name) result = dynamodb_client.scan(table_name: table_name) result.items.countrescue StandardError => e puts "Error getting items for table '#{table_name}': #{e.message}" 'Error'end

# Full example call:def run_me region = 'us-west-2'

dynamodb_client = Aws::DynamoDB::Client.new(region: region) table_names = get_table_names(dynamodb_client)

if table_names == 'Error' puts 'Cannot get table names. Stopping program.' elsif table_names.count.zero? puts "Cannot find any tables in AWS Region '#{region}'." else puts "Found #{table_names.count} tables in AWS Region '#{region}':" puts "(Displaying information for only the first 100 tables)" if table_names.count > 100 table_names.each do |table_name| table_items_count = get_count_of_table_items(dynamodb_client, table_name)

if table_items_count == 'Error' puts "Cannot get count of items for table '#{table_name}'."

59

Page 65: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating an Amazon DynamoDB Table

elsif table_items_count.zero? puts "Table '#{table_name}' has no items." else puts "Table '#{table_name}' has #{table_items_count} items." end

end endend

run_me if $PROGRAM_NAME == __FILE__

Creating an Amazon DynamoDB TableThe following example creates the table Movies with two required attributes: year and title in theus-west-2 region.

The wait_until call blocks you from using the table until DynamoDB has created it. By default, theDynamoDB client’s wait_until method checks every 20 seconds, up to a maximum of 500 seconds, tosee if the table was created.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX-License-Identifier: Apache-2.0

require 'aws-sdk-dynamodb'

# Creates a table in Amazon DynamoDB.## @param dynamodb_client [Aws::DynamoDB::Client] An initialized# Amazon DynamoDB client.# @param table_definition [Hash] The properties of the new table, # specified in the correct hash format.# @return [String] The creation status of the new table or the# string 'Error'.# @example# puts create_table(# Aws::DynamoDB::Client.new(region: 'us-west-2'),# {# table_name: 'Movies',# key_schema: [# {# attribute_name: 'year',# key_type: 'HASH' # Partition key.# },# {# attribute_name: 'title',# key_type: 'RANGE' # Sort key.# }# ],# attribute_definitions: [# {# attribute_name: 'year',# attribute_type: 'N'# },# {# attribute_name: 'title',# attribute_type: 'S'# }# ],# provisioned_throughput: {# read_capacity_units: 10,# write_capacity_units: 10# }

60

Page 66: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideAdding an Item to an Amazon DynamoDB Table

# }# )def create_table(dynamodb_client, table_definition) response = dynamodb_client.create_table(table_definition) response.table_description.table_statusrescue StandardError => e puts "Error creating table: #{e.message}" 'Error'end

# Full example call:def run_me region = 'us-west-2' table_name = 'Movies'

dynamodb_client = Aws::DynamoDB::Client.new(region: region)

table_definition = { table_name: table_name, key_schema: [ { attribute_name: 'year', key_type: 'HASH' # Partition key. }, { attribute_name: 'title', key_type: 'RANGE' # Sort key. } ], attribute_definitions: [ { attribute_name: 'year', attribute_type: 'N' }, { attribute_name: 'title', attribute_type: 'S' } ], provisioned_throughput: { read_capacity_units: 10, write_capacity_units: 10 } }

puts "Creating the table named '#{table_name}'..." create_table_result = create_table(dynamodb_client, table_definition)

if create_table_result == 'Error' puts 'Table not created.' else puts "Table created with status '#{create_table_result}'." endend

run_me if $PROGRAM_NAME == __FILE__

See the complete example on GitHub.

Adding an Item to an Amazon DynamoDB TableThe following example adds an item with the year 2015 and title The Big New Movie to the Moviestable in the us-west-2 region.

61

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/dynamodb/dynamodb_ruby_example_create_movies_table.rb
Page 67: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideAdding an Item to an Amazon DynamoDB Table

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX-License-Identifier: Apache-2.0

require 'aws-sdk-dynamodb'

# Adds an item to a table in Amazon DynamoDB.## @param dynamodb_client [Aws::DynamoDB::Client] An initialized# Amazon DynamoDB client.# @param table_item [Hash] The properties of the item, in the correct format.# @example# add_item_to_table(# Aws::DynamoDB::Client.new(region, 'us-west-2'),# {# table_name: 'Movies',# item: {# "year": 1985,# "title": "The Big Movie",# "info": {# "plot": "Nothing happens at all.",# "rating": 5.5# }# }# }# )def add_item_to_table(dynamodb_client, table_item) dynamodb_client.put_item(table_item) puts "Added movie '#{table_item[:item][:title]} " \ "(#{table_item[:item][:year]})'."rescue StandardError => e puts "Error adding movie '#{table_item[:item][:title]} " \ "(#{table_item[:item][:year]})': #{e.message}"end

# Full example call:def run_me region = 'us-west-2' table_name = 'Movies' year = 2015 title = 'The Big New Movie' plot = 'Nothing happens at all.' rating = 5.5

dynamodb_client = Aws::DynamoDB::Client.new(region: region)

table_item = { table_name: table_name, item: { year: year, title: title, info: { plot: plot, rating: rating } } }

puts "Adding movie '#{table_item[:item][:title]} " \ " (#{table_item[:item][:year]})' " \ "to table '#{table_name}'..." add_item_to_table(dynamodb_client, table_item)end

run_me if $PROGRAM_NAME == __FILE__

62

Page 68: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideLoading Items from a JSON File

into an Amazon DynamoDB Table

See the complete example on GitHub.

Loading Items from a JSON File into an AmazonDynamoDB TableThe following example adds the items from the JSON file movie_data.json to the Movies table in theus-west-2 region.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX-License-Identifier: Apache-2.0

require 'aws-sdk-dynamodb'require 'json'

# Adds an item to a table in Amazon DynamoDB.## @param dynamodb_client [Aws::DynamoDB::Client] An initialized# Amazon DynamoDB client.# @param table_item [Hash] The properties of the item, in the correct format.# @example# add_item_to_table(# Aws::DynamoDB::Client.new(region, 'us-west-2'),# {# table_name: 'Movies',# item: {# "year": 1985,# "title": "The Big Movie",# "info": {# "directors": ["Mary"],# "release_date": "1985-12-25T00:00:00Z",# "rating": 5.5,# "genres": [# "Action",# "Drama"# ],# "image_url": "http://docs.aws.amazon.com/assets/images/aws_logo_dark.png",# "plot": "Nothing happens at all.",# "rank": 2,# "running_time_secs": 7380,# "actors": [# "Larry",# "Moe",# "Curly"# ]# }# }# }# )def add_item_to_table(dynamodb_client, table_item) dynamodb_client.put_item(table_item) puts "Added movie: #{table_item[:item]['title']} " \ "(#{table_item[:item]['year']})"rescue StandardError => e puts 'Error adding movie ' \ "#{table_item[:item]['title']} " \ "(#{table_item[:item]['year']})': #{e.message}" puts 'Program stopped.' exit 1end

# Full example call:def run_me region = 'us-west-2'

63

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/dynamodb/dynamodb_ruby_example_create_movies_item.rb
Page 69: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideLoading Items from a JSON File

into an Amazon DynamoDB Table

table_name = 'Movies' data_file = 'moviedata.json'

dynamodb_client = Aws::DynamoDB::Client.new(region: region) file = File.read(data_file) movies = JSON.parse(file)

puts "Adding movies from file '#{data_file}' " \ "into table '#{table_name}'..."

movies.each do |movie| table_item = { table_name: table_name, item: movie } add_item_to_table(dynamodb_client, table_item) end

puts 'Done.'end

run_me if $PROGRAM_NAME == __FILE__

Here is an example of a JSON file that loads two movies.

[ { "year": 2015, "title": "The Big New Movie", "info": { "plot": "Nothing happens at all.", "rating": 1.0, "directors" : [ "Alice", "Bob" ], "release_date" : "2015-01-18T00:00:00Z", "genres" : [ "Comedy", "Drama" ], "image_url" : "https://d0.awsstatic.com/logos/powered-by-aws.png", "rank" : 11, "running_time_secs" : 5215, "actors" : [ "David", "Ann", "Jonathan" ] } }, { "year": 2017, "title": "The Big New Movie 2", "info": { "plot": "Nothing happens at all again.", "rating": 2.0, "directors" : [ "Joe", "Mary" ], "release_date" : "2017-01-17T00:00:00Z", "genres" : [ "Comedy", "Drama"

64

Page 70: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideReading an Item in an Amazon DynamoDB Table

], "image_url" : "https://d0.awsstatic.com/logos/powered-by-aws-white.png", "rank" : 10, "running_time_secs" : 5221, "actors" : [ "Bob", "Sue", "Jim" ] } }]

See the complete example and the JSON file on GitHub.

Reading an Item in an Amazon DynamoDB TableThe following example displays information about the item with the year 2015 and title The Big NewMovie in the Movies table in the us-west-2 region.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX-License-Identifier: Apache-2.0

require 'aws-sdk-dynamodb'

# Gets an item from a table in Amazon DynamoDB.## @param dynamodb_client [Aws::DynamoDB::Client] An initialized# Amazon DynamoDB client.# @param table_item [Hash] The properties of the item, in the correct format.# @example# get_item_from_table(# Aws::DynamoDB::Client.new(region, 'us-west-2'),# {# table_name: 'Movies',# item: {# "year": 2015,# "title": "The Big Movie"# }# }# )def get_item_from_table(dynamodb_client, table_item) result = dynamodb_client.get_item(table_item) puts "#{result.item['title']} (#{result.item['year'].to_i}):" puts " Plot: #{result.item['info']['plot']}" puts " Rating: #{result.item['info']['rating'].to_i}"rescue StandardError => e puts "Error getting movie '#{table_item[:key][:title]} " \ "(#{table_item[:key][:year]})': #{e.message}"end

# Full example call:def run_me region = 'us-west-2' table_name = 'Movies' title = 'The Big New Movie' year = 2015

dynamodb_client = Aws::DynamoDB::Client.new(region: region)

table_item = { table_name: table_name, key: {

65

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/example_code/dynamodb/dynamodb_ruby_example_load_movies.rb
https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/example_code/dynamodb/movie_data.json
Page 71: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideUpdating an Amazon DynamoDB Table Item

year: year, title: title } }

puts "Getting information about '#{title} (#{year})' " \ "from table '#{table_name}'..." get_item_from_table(dynamodb_client, table_item)end

run_me if $PROGRAM_NAME == __FILE__

See the complete example on GitHub.

Updating an Amazon DynamoDB Table ItemThe following example updates the rating to 0.1 for the item with the year 2015 and title The BigNew Movie in the Movies table in the us-west-2 region.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX-License-Identifier: Apache-2.0

require 'aws-sdk-dynamodb'

# Updates an item in a table in Amazon DynamoDB.## @param dynamodb_client [Aws::DynamoDB::Client] An initialized# Amazon DynamoDB client.# @param table_item [Hash] The properties of the item, in the correct format.# @return [Boolean] true if the item was updated; otherwise, false.# @example# exit 1 unless table_item_updated?(# Aws::DynamoDB::Client.new(region, 'us-west-2'),# {# table_name: 'Movies',# key: {# year: 2015,# title: 'The Big New Movie'# },# update_expression: 'SET info.rating = :r',# expression_attribute_values: { ':r': 0.1 },# return_values: 'UPDATED_NEW'# }# )def table_item_updated?(dynamodb_client, table_item) response = dynamodb_client.update_item(table_item) puts "Table item updated with the following attributes for 'info':" response.attributes['info'].each do |key, value| if key == 'rating' puts "#{key}: #{value.to_f}" else puts "#{key}: #{value}" end end truerescue StandardError => e puts "Error updating item: #{e.message}" falseend

# Full example call:def run_me region = 'us-west-2'

66

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/dynamodb/dynamodb_ruby_example_read_movies_item.rb
Page 72: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideDeleting an Amazon DynamoDB Table Item

table_name = 'Movies' title = 'The Big New Movie' year = 2015

dynamodb_client = Aws::DynamoDB::Client.new(region: region)

table_item = { table_name: table_name, key: { year: year, title: title }, update_expression: 'SET info.rating = :r', expression_attribute_values: { ':r': 0.1 }, return_values: 'UPDATED_NEW' }

puts "Updating table '#{table_name}' with information about " \ "'#{title} (#{year})'..."

if table_item_updated?(dynamodb_client, table_item) puts 'Table updated.' else puts 'Table not updated.' endend

run_me if $PROGRAM_NAME == __FILE__

See the complete example on GitHub.

Deleting an Amazon DynamoDB Table ItemThe following example deletes item with the year 2015 and title The Big New Movie from theMovies table in the us-west-2 region.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX-License-Identifier: Apache-2.0

require 'aws-sdk-dynamodb'

# Deletes an item from a table in Amazon DynamoDB.## @param dynamodb_client [Aws::DynamoDB::Client] An initialized# Amazon DynamoDB client.# @param table_item [Hash] The properties of the item, in the correct format.# @return [Boolean] true if the item was deleted; otherwise, false.# @example# ext 1 unless item_deleted_from_table?(# Aws::DynamoDB::Client.new(region, 'us-west-2'),# {# table_name: 'Movies',# key: {# year: 2015,# title: 'The Big New Movie'# }# }# )def item_deleted_from_table?(dynamodb_client, table_item) dynamodb_client.delete_item(table_item) truerescue StandardError => e puts "Error deleting item: #{e.message}"

67

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/dynamodb/dynamodb_ruby_example_update_movies_item.rb
Page 73: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideDeleting an Amazon DynamoDB Table

falseend

# Full example call:def run_me region = 'us-west-2' table_name = 'Movies' year = 2015 title = 'The Big New Movie'

dynamodb_client = Aws::DynamoDB::Client.new(region: region)

table_item = { table_name: table_name, key: { year: year, title: title } }

puts "Deleting movie '#{title} (#{year})' from the '#{table_name}' table..."

if item_deleted_from_table?(dynamodb_client, table_item) puts 'Item deleted.' else puts 'Item not deleted.' endend

run_me if $PROGRAM_NAME == __FILE__

See the complete example on GitHub.

Deleting an Amazon DynamoDB TableThe following example deletes the Movies table in the us-west-2 region.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX-License-Identifier: Apache-2.0

require 'aws-sdk-dynamodb'

# Deletes a table in Amazon DynamoDB.## @param dynamodb_client [Aws::DynamoDB::Client] An initialized# Amazon DynamoDB client.# @param table_name [String] The name of the table to delete.# @return [Boolean] true if the table was deleted; otherwise, false.# @example# ext 1 unless table_deleted?(# Aws::DynamoDB::Client.new(region, 'us-west-2'),# 'Movies'# )def table_deleted?(dynamodb_client, table_name) dynamodb_client.delete_table(table_name: table_name) truerescue StandardError => e puts "Error deleting table: #{e.message}" falseend

# Full example call:def run_me

68

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/dynamodb/dynamodb_ruby_example_delete_movies_item.rb
Page 74: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideAmazon EC2 Examples

region = 'us-west-2' table_name = 'Movies'

dynamodb_client = Aws::DynamoDB::Client.new(region: region)

puts "Deleting table '#{table_name}'..."

if table_deleted?(dynamodb_client, table_name) puts 'Table deleted.' else puts 'Table not deleted.' endend

run_me if $PROGRAM_NAME == __FILE__

See the complete example on GitHub.

Amazon EC2 Examples Using the AWS SDK forRuby

Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides resizeable computingcapacity—literally servers in Amazon’s data centers—that you use to build and host your softwaresystems. You can use the following examples to access Amazon EC2 using the AWS SDK for Ruby. Formore information about Amazon EC2, see the Amazon EC2 Documentation.

Topics• Creating an Amazon EC2 VPC (p. 69)• Creating an Internet Gateway and Attaching It to a VPC in Amazon EC2 (p. 71)• Creating a Public Subnet for Amazon EC2 (p. 72)• Creating an Amazon EC2 Route Table and Associating It with a Subnet (p. 74)• Using Elastic IP Addresses in Amazon EC2 (p. 76)• Creating an Amazon EC2 Security Group (p. 80)• Working with Amazon EC2 Security Groups (p. 82)• Working with Key Pairs in Amazon EC2 (p. 87)• Getting Information about All Amazon EC2 Instances (p. 90)• Getting Information about All Amazon EC2 Instances with a Specific Tag Value (p. 91)• Getting Information about a Specific Amazon EC2 Instance (p. 92)• Creating an Amazon EC2 Instance (p. 93)• Stopping an Amazon EC2 Instance (p. 95)• Starting an Amazon EC2 Instance (p. 97)• Rebooting an Amazon EC2 Instance (p. 98)• Managing Amazon EC2 Instances (p. 99)• Terminating an Amazon EC2 Instance (p. 102)• Getting Information about Regions and Availability Zones for Amazon EC2 (p. 104)

Creating an Amazon EC2 VPCThe following code example creates a virtual private cloud (VPC) in Amazon Virtual Private Cloud(Amazon VPC) and then tags the VPC.

69

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/dynamodb/dynamodb_ruby_example_delete_movies_table.rb
http://www.amazonaws.cn/documentation/ec2/
Page 75: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating an Amazon EC2 VPC

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-ec2'

# Creates a virtual private cloud (VPC) in# Amazon Virtual Private Cloud (Amazon VPC) and then tags# the VPC.## @param ec2_resource [Aws::EC2::Resource] An initialized# Amazon Elastic Compute Cloud (Amazon EC2) resource object.# @param cidr_block [String] The IPv4 CIDR block for the subnet.# @param tag_key [String] The key portion of the tag for the VPC. # @param tag_value [String] The value portion of the tag for the VPC.# @return [Boolean] true if the VPC was created and tagged;# otherwise, false.# @example# exit 1 unless vpc_created_and_tagged?(# Aws::EC2::Resource.new(region: 'us-east-1'),# '10.0.0.0/24',# 'my-key',# 'my-value'# )def vpc_created_and_tagged?( ec2_resource, cidr_block, tag_key, tag_value) vpc = ec2_resource.create_vpc(cidr_block: cidr_block)

# Create a public DNS by enabling DNS support and DNS hostnames. vpc.modify_attribute(enable_dns_support: { value: true }) vpc.modify_attribute(enable_dns_hostnames: { value: true })

vpc.create_tags(tags: [{ key: tag_key, value: tag_value }])

puts "Created VPC with ID '#{vpc.id}' and tagged with key " \ "'#{tag_key}' and value '#{tag_value}'." return truerescue StandardError => e puts "#{e.message}" return falseend

# Full example call:def run_me cidr_block = '' tag_key = '' tag_value = '' region = '' # Print usage information and then stop. if ARGV[0] == '--help' || ARGV[0] == '-h' puts 'Usage: ruby ec2-ruby-example-create-vpc.rb ' \ 'CIDR_BLOCK TAG_KEY TAG_VALUE REGION' puts 'Example: ruby ec2-ruby-example-create-vpc.rb ' \ '10.0.0.0/24 my-key my-value us-east-1' exit 1 # If no values are specified at the command prompt, use these default values. elsif ARGV.count.zero? cidr_block = '10.0.0.0/24' tag_key = 'my-key' tag_value = 'my-value' region = 'us-east-1' # Otherwise, use the values as specified at the command prompt.

70

Page 76: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating an Internet Gateway and

Attaching It to a VPC in Amazon EC2

else cidr_block = ARGV[0] tag_key = ARGV[1] tag_value = ARGV[2] region = ARGV[3] end

ec2_resource = Aws::EC2::Resource.new(region: region)

if vpc_created_and_tagged?( ec2_resource, cidr_block, tag_key, tag_value ) puts 'VPC created and tagged.' else puts 'VPC not created or not tagged.' endend

run_me if $PROGRAM_NAME == __FILE__

Creating an Internet Gateway and Attaching It to aVPC in Amazon EC2The following code example creates an internet gateway and then attaches it to a virtual private cloud(VPC) in Amazon Virtual Private Cloud (Amazon VPC).

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-ec2'

# Creates an internet gateway and then attaches it to a virtual private cloud# (VPC) in Amazon Virtual Private Cloud (Amazon VPC).## Prerequisites:## - A VPC in Amazon VPC.## @param ec2_resource [Aws::EC2::Resource] An initialized# Amazon Elastic Compute Cloud (Amazon EC2) resource object.# @param vpc_id [String] The ID of the VPC to attach the internet gateway.# @param tag_key [String] The key of the tag to attach to the internet gateway.# @param tag_value [String] The value of the tag to attach to the# internet gateway.# @return [Boolean] true if the internet gateway was created and attached;# otherwise, false.# @example# exit 1 unless internet_gateway_created_and_attached?(# Aws::EC2::Resource.new(region: 'us-east-1'),# 'vpc-6713dfEX'# )def internet_gateway_created_and_attached?( ec2_resource, vpc_id, tag_key, tag_value) igw = ec2_resource.create_internet_gateway puts "The internet gateway's ID is '#{igw.id}'."

71

Page 77: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating a Public Subnet for Amazon EC2

igw.attach_to_vpc(vpc_id: vpc_id) igw.create_tags( tags: [ { key: tag_key, value: tag_value } ] ) return truerescue StandardError => e puts "Error creating or attaching internet gateway: #{e.message}" puts 'If the internet gateway was created but not attached, you should ' \ 'clean up by deleting the internet gateway.' return falseend

# Full example call:def run_me vpc_id = '' tag_key = '' tag_value = '' region = '' # Print usage information and then stop. if ARGV[0] == '--help' || ARGV[0] == '-h' puts 'Usage: ruby ec2-ruby-example-attach-igw-vpc.rb ' \ 'VPC_ID TAG_KEY TAG_VALUE REGION' puts 'Example: ruby ec2-ruby-example-attach-igw-vpc.rb ' \ 'vpc-6713dfEX my-key my-value us-east-1' exit 1 # If no values are specified at the command prompt, use these default values. elsif ARGV.count.zero? vpc_id = 'vpc-6713dfEX' tag_key = 'my-key' tag_value = 'my-value' region = 'us-east-1' # Otherwise, use the values as specified at the command prompt. else vpc_id = ARGV[0] tag_key = ARGV[1] tag_value = ARGV[2] region = ARGV[3] end

ec2_resource = Aws::EC2::Resource.new(region: region)

if internet_gateway_created_and_attached?( ec2_resource, vpc_id, tag_key, tag_value ) puts "Created and attached internet gateway to VPC '#{vpc_id}'." else puts "Could not create or attach internet gateway to VPC '#{vpc_id}'." endend

run_me if $PROGRAM_NAME == __FILE__

Creating a Public Subnet for Amazon EC2The following code example creates a subnet within a virtual private cloud (VPC) in Amazon VirtualPrivate Cloud (Amazon VPC) and then tags the subnet.

72

Page 78: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating a Public Subnet for Amazon EC2

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-ec2'

# Creates a subnet within a virtual private cloud (VPC) in # Amazon Virtual Private Cloud (Amazon VPC) and then tags# the subnet.## Prerequisites:## - A VPC in Amazon VPC.## @param ec2_resource [Aws::EC2::Resource] An initialized# Amazon Elastic Compute Cloud (Amazon EC2) resource object.# @param vpc_id [String] The ID of the VPC for the subnet.# @param cidr_block [String] The IPv4 CIDR block for the subnet.# @param availability_zone [String] The ID of the Availability Zone# for the subnet.# @param tag_key [String] The key portion of the tag for the subnet. # @param tag_vlue [String] The value portion of the tag for the subnet.# @return [Boolean] true if the subnet was created and tagged;# otherwise, false.# @example# exit 1 unless subnet_created_and_tagged?(# Aws::EC2::Resource.new(region: 'us-east-1'),# 'vpc-6713dfEX',# '10.0.0.0/24',# 'us-east-1a',# 'my-key',# 'my-value'# )def subnet_created_and_tagged?( ec2_resource, vpc_id, cidr_block, availability_zone, tag_key, tag_value) subnet = ec2_resource.create_subnet( vpc_id: vpc_id, cidr_block: cidr_block, availability_zone: availability_zone ) subnet.create_tags( tags: [ { key: tag_key, value: tag_value } ] ) puts "Subnet created with ID '#{subnet.id}' in VPC with ID '#{vpc_id}' " \ "and CIDR block '#{cidr_block}' in availability zone " \ "'#{availability_zone}' and tagged with key '#{tag_key}' and " \ "value '#{tag_value}'." return truerescue StandardError => e puts "Error creating or tagging subnet: #{e.message}" return falseend

# Full example call:def run_me

73

Page 79: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating an Amazon EC2 Route Table

and Associating It with a Subnet

vpc_id = '' cidr_block = '' availability_zone = '' tag_key = '' tag_value = '' region = '' # Print usage information and then stop. if ARGV[0] == '--help' || ARGV[0] == '-h' puts 'Usage: ruby ec2-ruby-example-create-subnet.rb ' \ 'VPC_ID CIDR_BLOCK AVAILABILITY_ZONE TAG_KEY TAG_VALUE REGION' puts 'Example: ruby ec2-ruby-example-create-subnet.rb ' \ 'vpc-6713dfEX 10.0.0.0/24 us-east-1a my-key my-value us-east-1' exit 1 # If no values are specified at the command prompt, use these default values. elsif ARGV.count.zero? vpc_id = 'vpc-6713dfEX' cidr_block = '10.0.0.0/24' availability_zone = 'us-east-1a' tag_key = 'my-key' tag_value = 'my-value' region = 'us-east-1' # Otherwise, use the values as specified at the command prompt. else vpc_id = ARGV[0] cidr_block = ARGV[1] availability_zone = ARGV[2] tag_key = ARGV[3] tag_value = ARGV[4] region = ARGV[5] end

ec2_resource = Aws::EC2::Resource.new(region: region)

if subnet_created_and_tagged?( ec2_resource, vpc_id, cidr_block, availability_zone, tag_key, tag_value ) puts 'Subnet created and tagged.' else puts 'Subnet not created or not tagged.' endend

run_me if $PROGRAM_NAME == __FILE__

Creating an Amazon EC2 Route Table and AssociatingIt with a SubnetThe following code example creates a route table in Amazon Virtual Private Cloud (Amazon VPC) andthen associates the route table with a subnet in Amazon VPC.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-ec2'

# Creates a route table in Amazon Virtual Private Cloud (Amazon VPC)# and then associates the route table with a subnet in Amazon VPC.

74

Page 80: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating an Amazon EC2 Route Table

and Associating It with a Subnet

## Prerequisites:## - A VPC in Amazon VPC.# - A subnet in that VPC.# - A gateway attached to that subnet.## @param ec2_resource [Aws::EC2::Resource] An initialized# Amazon Elastic Compute Cloud (Amazon EC2) resource object.# @param vpc_id [String] The ID of the VPC for the route table.# @param subnet_id [String] The ID of the subnet for the route table.# @param gateway_id [String] The ID of the gateway for the route.# @param destination_cidr_block [String] The destination CIDR block# for the route. # @param tag_key [String] The key portion of the tag for the route table.# @param tag_value [String] The value portion of the tag for the route table.# @return [Boolean] true if the route table was created and associated;# otherwise, false.# @example# exit 1 unless route_table_created_and_associated?(# Aws::EC2::Resource.new(region: 'us-east-1'),# 'vpc-0b6f769731EXAMPLE',# 'subnet-03d9303b57EXAMPLE',# 'igw-06ca90c011EXAMPLE',# '0.0.0.0/0',# 'my-key',# 'my-value'# )def route_table_created_and_associated?( ec2_resource, vpc_id, subnet_id, gateway_id, destination_cidr_block, tag_key, tag_value) route_table = ec2_resource.create_route_table(vpc_id: vpc_id) puts "Created route table with ID '#{route_table.id}'." route_table.create_tags( tags: [ { key: tag_key, value: tag_value } ] ) puts 'Added tags to route table.' route_table.create_route( destination_cidr_block: destination_cidr_block, gateway_id: gateway_id ) puts 'Created route with destination CIDR block ' \ "'#{destination_cidr_block}' and associated with gateway " \ "with ID '#{gateway_id}'." route_table.associate_with_subnet(subnet_id: subnet_id) puts "Associated route table with subnet with ID '#{subnet_id}'." return truerescue StandardError => e puts "Error creating or associating route table: #{e.message}" puts 'If the route table was created but not associated, you should ' \ 'clean up by deleting the route table.' return falseend

# Full example call:

75

Page 81: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideUsing Elastic IP Addresses in Amazon EC2

def run_me vpc_id = '' subnet_id = '' gateway_id = '' destination_cidr_block = '' tag_key = '' tag_value = '' region = '' # Print usage information and then stop. if ARGV[0] == '--help' || ARGV[0] == '-h' puts 'Usage: ruby ec2-ruby-example-create-route-table.rb ' \ 'VPC_ID SUBNET_ID GATEWAY_ID DESTINATION_CIDR_BLOCK ' \ 'TAG_KEY TAG_VALUE REGION' puts 'Example: ruby ec2-ruby-example-create-route-table.rb ' \ 'vpc-0b6f769731EXAMPLE subnet-03d9303b57EXAMPLE igw-06ca90c011EXAMPLE ' \ '\'0.0.0.0/0\' my-key my-value us-east-1' exit 1 # If no values are specified at the command prompt, use these default values. elsif ARGV.count.zero? vpc_id = 'vpc-0b6f769731EXAMPLE' subnet_id = 'subnet-03d9303b57EXAMPLE' gateway_id = 'igw-06ca90c011EXAMPLE' destination_cidr_block = '0.0.0.0/0' tag_key = 'my-key' tag_value = 'my-value' region = 'us-east-1' # Otherwise, use the values as specified at the command prompt. else vpc_id = ARGV[0] subnet_id = ARGV[1] gateway_id = ARGV[2] destination_cidr_block = ARGV[3] tag_key = ARGV[4] tag_value = ARGV[5] region = ARGV[6] end

ec2_resource = Aws::EC2::Resource.new(region: region)

if route_table_created_and_associated?( ec2_resource, vpc_id, subnet_id, gateway_id, destination_cidr_block, tag_key, tag_value ) puts 'Route table created and associated.' else puts 'Route table not created or not associated.' endend

run_me if $PROGRAM_NAME == __FILE__

Using Elastic IP Addresses in Amazon EC2The following code example:

1. Displays information about any addresses associated with an Amazon Elastic Compute Cloud (AmazonEC2) instance.

2. Creates an Elastic IP address in Amazon Virtual Private Cloud (Amazon VPC).

76

Page 82: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideUsing Elastic IP Addresses in Amazon EC2

3. Associates the address with the instance.

4. Displays information again about addresses associated with the instance. This time, the new addressassociation should display.

5. Releases the address.

6. Displays information again about addresses associated with the instance. This time, the releasedaddress should not display.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

# This code example does the following:# 1. Displays information about any addresses associated with an# Amazon Elastic Compute Cloud (Amazon EC2) instance.# 2. Creates an Elastic IP address in Amazon Virtual Private Cloud (Amazon VPC).# 3. Associates the address with the instance.# 4. Displays information again about addresses associated with the instance.# This time, the new address association should display.# 5. Releases the address.# 6. Displays information again about addresses associated with the instance.# This time, the released address should not display.

require 'aws-sdk-ec2'

# Checks whether the specified Amazon Elastic Compute Cloud# (Amazon EC2) instance exists.## Prerequisites:## - The Amazon EC2 instance.## @param ec2_client [Aws::EC2::Client] An initialized EC2 client.# @param instance_id [String] The ID of the instance.# @return [Boolean] true if the instance exists; otherwise, false.# @example# exit 1 unless instance_exists?(# Aws::EC2::Client.new(region: 'us-east-1'),# 'i-033c48ef067af3dEX'# )def instance_exists?(ec2_client, instance_id) ec2_client.describe_instances(instance_ids: [instance_id]) return truerescue StandardError return falseend

# Creates an Elastic IP address in Amazon Virtual Private Cloud (Amazon VPC).## @param ec2_client [Aws::EC2::Client] An initialized EC2 client.# @return [String] The allocation ID corresponding to the Elastic IP address.# @example# puts allocate_elastic_ip_address(Aws::EC2::Client.new(region: 'us-east-1'))def allocate_elastic_ip_address(ec2_client) response = ec2_client.allocate_address(domain: 'vpc') return response.allocation_idrescue StandardError => e puts "Error allocating Elastic IP address: #{e.message}" return 'Error'end

# Associates an Elastic IP address with an Amazon Elastic Compute Cloud# (Amazon EC2) instance.#

77

Page 83: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideUsing Elastic IP Addresses in Amazon EC2

# Prerequisites:## - The allocation ID corresponding to the Elastic IP address.# - The Amazon EC2 instance.## @param ec2_client [Aws::EC2::Client] An initialized EC2 client.# @param allocation_id [String] The ID of the allocation corresponding to# the Elastic IP address.# @param instance_id [String] The ID of the instance.# @return [String] The assocation ID corresponding to the association of the# Elastic IP address to the instance.# @example# puts allocate_elastic_ip_address(# Aws::EC2::Client.new(region: 'us-east-1'),# 'eipalloc-04452e528a66279EX',# 'i-033c48ef067af3dEX')def associate_elastic_ip_address_with_instance( ec2_client, allocation_id, instance_id) response = ec2_client.associate_address( allocation_id: allocation_id, instance_id: instance_id, ) return response.association_idrescue StandardError => e puts "Error associating Elastic IP address with instance: #{e.message}" return 'Error'end

# Gets information about addresses associated with an# Amazon Elastic Compute Cloud (Amazon EC2) instance.## Prerequisites:## - The Amazon EC2 instance.## @param ec2_client [Aws::EC2::Client] An initialized EC2 client.# @param instance_id [String] The ID of the instance.# @example# describe_addresses_for_instance(# Aws::EC2::Client.new(region: 'us-east-1'),# 'i-033c48ef067af3dEX'# )def describe_addresses_for_instance(ec2_client, instance_id) response = ec2_client.describe_addresses( filters: [ { name: 'instance-id', values: [instance_id] } ] ) addresses = response.addresses if addresses.count.zero? puts 'No addresses.' else addresses.each do |address| puts '-' * 20 puts "Public IP: #{address.public_ip}" puts "Private IP: #{address.private_ip_address}" end endrescue StandardError => e puts "Error getting address information for instance: #{e.message}"

78

Page 84: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideUsing Elastic IP Addresses in Amazon EC2

end

# Releases an Elastic IP address from an# Amazon Elastic Compute Cloud (Amazon EC2) instance.## Prerequisites:## - An Amazon EC2 instance with an associated Elastic IP address.## @param ec2_client [Aws::EC2::Client] An initialized EC2 client.# @param allocation_id [String] The ID of the allocation corresponding to# the Elastic IP address.# @return [Boolean] true if the Elastic IP address was released;# otherwise, false.# @example# exit 1 unless elastic_ip_address_released?(# Aws::EC2::Client.new(region: 'us-east-1'),# 'eipalloc-04452e528a66279EX'# )def elastic_ip_address_released?(ec2_client, allocation_id) ec2_client.release_address(allocation_id: allocation_id) return truerescue StandardError => e return "Error releasing Elastic IP address: #{e.message}" return falseend

# Full example call:def run_me instance_id = '' region = '' # Print usage information and then stop. if ARGV[0] == '--help' || ARGV[0] == '-h' puts 'Usage: ruby ec2-ruby-example-elastic-ips.rb ' \ 'INSTANCE_ID REGION' puts 'Example: ruby ec2-ruby-example-elastic-ips.rb ' \ 'i-033c48ef067af3dEX us-east-1' exit 1 # If no values are specified at the command prompt, use these default values. elsif ARGV.count.zero? instance_id = 'i-033c48ef067af3dEX' region = 'us-east-1' # Otherwise, use the values as specified at the command prompt. else instance_id = ARGV[0] region = ARGV[1] end

ec2_client = Aws::EC2::Client.new(region: region)

unless instance_exists?(ec2_client, instance_id) puts "Cannot find instance with ID '#{instance_id}'. Stopping program." exit 1 end

puts "Addresses for instance with ID '#{instance_id}' before allocating " \ 'Elastic IP address:' describe_addresses_for_instance(ec2_client, instance_id)

puts 'Allocating Elastic IP address...' allocation_id = allocate_elastic_ip_address(ec2_client) if allocation_id.start_with?('Error') puts 'Stopping program.' exit 1 else puts "Elastic IP address created with allocation ID '#{allocation_id}'."

79

Page 85: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating an Amazon EC2 Security Group

end

puts 'Associating Elastic IP address with instance...' association_id = associate_elastic_ip_address_with_instance( ec2_client, allocation_id, instance_id ) if association_id.start_with?('Error') puts 'Stopping program. You must associate the Elastic IP address yourself.' exit 1 else puts 'Elastic IP address associated with instance with association ID ' \ "'#{association_id}'." end

puts 'Addresses for instance after allocating Elastic IP address:' describe_addresses_for_instance(ec2_client, instance_id)

puts 'Releasing the Elastic IP address from the instance...' if elastic_ip_address_released?(ec2_client, allocation_id) == false puts 'Stopping program. You must release the Elastic IP address yourself.' exit 1 else puts 'Address released.' end

puts 'Addresses for instance after releasing Elastic IP address:' describe_addresses_for_instance(ec2_client, instance_id)end

run_me if $PROGRAM_NAME == __FILE__

Creating an Amazon EC2 Security GroupThe following code example creates an Amazon EC2 security group and then adds an outbound rule tothat security group.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-ec2'

# Creates an Amazon Elastic Compute Cloud (Amazon EC2) security group and# then adds an outbound rule to that security group.## Prerequisites:## - A VPC in Amazon Virtual Private Cloud (Amazon VPC).## @param ec2_resource [Aws::EC2::Resource] An initialized# Amazon EC2 resource object.# @param group_name [String] A name for the security group.# @param description [String] A description for the security group.# @param vpc_id [String] The ID of the VPC for the security group.# @param protocol [String] The network protocol for the outbound rule.# @param from_port [String] The originating port for the outbound rule.# @param to_port [String] The destination port for the outbound rule. # @param cidr_ip_range [String] The CIDR IP range for the outbound rule.# @return [Boolean] true if the security group was created and the outbound# rule was added; otherwise, false.# @example# exit 1 unless security_group_created_with_egress?(

80

Page 86: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating an Amazon EC2 Security Group

# Aws::EC2::Resource.new(region: 'us-east-1'),# 'my-security-group',# 'This is my security group.',# 'vpc-6713dfEX',# 'tcp',# '22',# '22',# '0.0.0.0/0'# )def security_group_created_with_egress?( ec2_resource, group_name, description, vpc_id, ip_protocol, from_port, to_port, cidr_ip_range) security_group = ec2_resource.create_security_group( group_name: group_name, description: description, vpc_id: vpc_id ) puts "Created security group '#{group_name}' with ID " \ "'#{security_group.id}' in VPC with ID '#{vpc_id}'." security_group.authorize_egress( ip_permissions: [ { ip_protocol: ip_protocol, from_port: from_port, to_port: to_port, ip_ranges: [ { cidr_ip: cidr_ip_range } ] } ] ) puts "Granted egress to security group '#{group_name}' for protocol " \ "'#{ip_protocol}' from port '#{from_port}' to port '#{to_port}' " \ "with CIDR IP range '#{cidr_ip_range}'." return truerescue StandardError => e puts "Error creating security group or granting egress: #{e.message}" return falseend

# Full example call:def run_me group_name = '' description = '' vpc_id = '' ip_protocol = '' from_port = '' to_port = '' cidr_ip_range = '' region = '' # Print usage information and then stop. if ARGV[0] == '--help' || ARGV[0] == '-h' puts 'Usage: ruby ec2-ruby-example-create-security-group.rb ' \ 'GROUP_NAME DESCRIPTION VPC_ID IP_PROTOCOL FROM_PORT TO_PORT ' \ 'CIDR_IP_RANGE REGION' puts 'Example: ruby ec2-ruby-example-create-security-group.rb ' \ 'my-security-group \'This is my security group.\' vpc-6713dfEX ' \

81

Page 87: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideWorking with Amazon EC2 Security Groups

'tcp 22 22 \'0.0.0.0/0\' us-east-1' exit 1 # If no values are specified at the command prompt, use these default values. elsif ARGV.count.zero? group_name = 'my-security-group' description = 'This is my security group.' vpc_id = 'vpc-6713dfEX' ip_protocol = 'tcp' from_port = '22' to_port = '22' cidr_ip_range = '0.0.0.0/0' region = 'us-east-1' # Otherwise, use the values as specified at the command prompt. else group_name = ARGV[0] description = ARGV[1] vpc_id = ARGV[2] ip_protocol = ARGV[3] from_port = ARGV[4] to_port = ARGV[5] cidr_ip_range = ARGV[6] region = ARGV[7] end

ec2_resource = Aws::EC2::Resource.new(region: region)

if security_group_created_with_egress?( ec2_resource, group_name, description, vpc_id, ip_protocol, from_port, to_port, cidr_ip_range ) puts 'Security group created and egress granted.' else puts 'Security group not created or egress not granted.' endend

run_me if $PROGRAM_NAME == __FILE__

Working with Amazon EC2 Security GroupsThe following example:

1. Creates an Amazon EC2 security group.2. Adds inbound rules to the security group.3. Displays information about available security groups.4. Deletes the security group.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

# This code example does the following:# 1. Creates an Amazon Elastic Compute Cloud (Amazon EC2) security group.# 2. Adds inbound rules to the security group.# 3. Displays information about available security groups.# 4. Deletes the security group.

82

Page 88: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideWorking with Amazon EC2 Security Groups

require 'aws-sdk-ec2'

# Creates an Amazon Elastic Compute Cloud (Amazon EC2) security group.## Prerequisites:## - A VPC in Amazon Virtual Private Cloud (Amazon VPC).## @param ec2_client [Aws::EC2::Client] An initialized# Amazon EC2 client.# @param group_name [String] A name for the security group.# @param description [String] A description for the security group.# @param vpc_id [String] The ID of the VPC for the security group.# @return [String] The ID of security group that was created.# @example# puts create_security_group(# Aws::EC2::Client.new(region: 'us-east-1'),# 'my-security-group',# 'This is my security group.',# 'vpc-6713dfEX'# )def create_security_group( ec2_client, group_name, description, vpc_id) security_group = ec2_client.create_security_group( group_name: group_name, description: description, vpc_id: vpc_id ) puts "Created security group '#{group_name}' with ID " \ "'#{security_group.group_id}' in VPC with ID '#{vpc_id}'." return security_group.group_idrescue StandardError => e puts "Error creating security group: #{e.message}" return 'Error'end

# Adds an inbound rule to an Amazon Elastic Compute Cloud (Amazon EC2)# security group.## Prerequisites:## - The security group.## @param ec2_client [Aws::EC2::Client] An initialized Amazon EC2 client.# @param security_group_id [String] The ID of the security group.# @param ip_protocol [String] The network protocol for the inbound rule.# @param from_port [String] The originating port for the inbound rule.# @param to_port [String] The destination port for the inbound rule.# @param cidr_ip_range [String] The CIDR IP range for the inbound rule.# @return# @example# exit 1 unless security_group_ingress_authorized?(# Aws::EC2::Client.new(region: 'us-east-1'),# 'sg-030a858e078f1b9EX',# 'tcp',# '80',# '80',# '0.0.0.0/0'# )def security_group_ingress_authorized?( ec2_client,

83

Page 89: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideWorking with Amazon EC2 Security Groups

security_group_id, ip_protocol, from_port, to_port, cidr_ip_range) ec2_client.authorize_security_group_ingress( group_id: security_group_id, ip_permissions: [ { ip_protocol: ip_protocol, from_port: from_port, to_port: to_port, ip_ranges: [ { cidr_ip: cidr_ip_range } ] } ] ) puts "Added inbound rule to security group '#{security_group_id}' for protocol " \ "'#{ip_protocol}' from port '#{from_port}' to port '#{to_port}' " \ "with CIDR IP range '#{cidr_ip_range}'." return truerescue StandardError => e puts "Error adding inbound rule to security group: #{e.message}" return falseend

# Displays information about a security group's IP permissions set in# Amazon Elastic Compute Cloud (Amazon EC2).## Prerequisites:## - A security group with inbound rules, outbound rules, or both.## @param p [Aws::EC2::Types::IpPermission] The IP permissions set.# @example# ec2_client = Aws::EC2::Client.new(region: 'us-east-1')# response = ec2_client.describe_security_groups# unless sg.ip_permissions.empty?# describe_security_group_permissions(# response.security_groups[0].ip_permissions[0]# )# enddef describe_security_group_permissions(perm) print " Protocol: #{perm.ip_protocol == '-1' ? 'All' : perm.ip_protocol}"

unless perm.from_port.nil? if perm.from_port == '-1' || perm.from_port == -1 print ', From: All' else print ", From: #{perm.from_port}" end end

unless perm.to_port.nil? if perm.to_port == '-1' || perm.to_port == -1 print ', To: All' else print ", To: #{perm.to_port}" end end

if perm.key?(:ipv_6_ranges) && perm.ipv_6_ranges.count.positive?

84

Page 90: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideWorking with Amazon EC2 Security Groups

print ", CIDR IPv6: #{perm.ipv_6_ranges[0].cidr_ipv_6}" end

if perm.key?(:ip_ranges) && perm.ip_ranges.count.positive? print ", CIDR IPv4: #{perm.ip_ranges[0].cidr_ip}" end

print "\n"end

# Displays information about available security groups in# Amazon Elastic Compute Cloud (Amazon EC2).## @param ec2_client [Aws::EC2::Client] An initialized Amazon EC2 client.# @example# describe_security_groups(Aws::EC2::Client.new(region: 'us-east-1'))def describe_security_groups(ec2_client) response = ec2_client.describe_security_groups

if response.security_groups.count.positive? response.security_groups.each do |sg| puts '-' * (sg.group_name.length + 13) puts "Name: #{sg.group_name}" puts "Description: #{sg.description}" puts "Group ID: #{sg.group_id}" puts "Owner ID: #{sg.owner_id}" puts "VPC ID: #{sg.vpc_id}"

if sg.tags.count.positive? puts 'Tags:' sg.tags.each do |tag| puts " Key: #{tag.key}, Value: #{tag.value}" end end

unless sg.ip_permissions.empty? puts 'Inbound rules:' if sg.ip_permissions.count.positive? sg.ip_permissions.each do |p| describe_security_group_permissions(p) end end

unless sg.ip_permissions_egress.empty? puts 'Outbound rules:' if sg.ip_permissions.count.positive? sg.ip_permissions_egress.each do |p| describe_security_group_permissions(p) end end end else puts 'No security groups found.' endrescue StandardError => e puts "Error getting information about security groups: #{e.message}"end

# Deletes an Amazon Elastic Compute Cloud (Amazon EC2)# security group.## Prerequisites:## - The security group.## @param ec2_client [Aws::EC2::Client] An initialized# Amazon EC2 client.# @param security_group_id [String] The ID of the security group to delete.

85

Page 91: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideWorking with Amazon EC2 Security Groups

# @return [Boolean] true if the security group was deleted; otherwise, false.# @example# exit 1 unless security_group_deleted?(# Aws::EC2::Client.new(region: 'us-east-1'),# 'sg-030a858e078f1b9EX'# )def security_group_deleted?(ec2_client, security_group_id) ec2_client.delete_security_group(group_id: security_group_id) puts "Deleted security group '#{security_group_id}'." return truerescue StandardError => e puts "Error deleting security group: #{e.message}" return falseend

# Full example call:def run_me group_name = '' description = '' vpc_id = '' ip_protocol_http = '' from_port_http = '' to_port_http = '' cidr_ip_range_http = '' ip_protocol_ssh = '' from_port_ssh = '' to_port_ssh = '' cidr_ip_range_ssh = '' region = '' # Print usage information and then stop. if ARGV[0] == '--help' || ARGV[0] == '-h' puts 'Usage: ruby ec2-ruby-example-security-group.rb ' \ 'GROUP_NAME DESCRIPTION VPC_ID IP_PROTOCOL_1 FROM_PORT_1 TO_PORT_1 ' \ 'CIDR_IP_RANGE_1 IP_PROTOCOL_2 FROM_PORT_2 TO_PORT_2 ' \ 'CIDR_IP_RANGE_2 REGION' puts 'Example: ruby ec2-ruby-example-security-group.rb ' \ 'my-security-group \'This is my security group.\' vpc-6713dfEX ' \ 'tcp 80 80 \'0.0.0.0/0\' tcp 22 22 \'0.0.0.0/0\' us-east-1' exit 1 # If no values are specified at the command prompt, use these default values. elsif ARGV.count.zero? group_name = 'my-security-group' description = 'This is my security group.' vpc_id = 'vpc-6713dfEX' ip_protocol_http = 'tcp' from_port_http = '80' to_port_http = '80' cidr_ip_range_http = '0.0.0.0/0' ip_protocol_ssh = 'tcp' from_port_ssh = '22' to_port_ssh = '22' cidr_ip_range_ssh = '0.0.0.0/0' region = 'us-east-1' # Otherwise, use the values as specified at the command prompt. else group_name = ARGV[0] description = ARGV[1] vpc_id = ARGV[2] ip_protocol_http = ARGV[3] from_port_http = ARGV[4] to_port_http = ARGV[5] cidr_ip_range_http = ARGV[6] ip_protocol_ssh = ARGV[7] from_port_ssh = ARGV[8] to_port_ssh = ARGV[9] cidr_ip_range_ssh = ARGV[10]

86

Page 92: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideWorking with Key Pairs in Amazon EC2

region = ARGV[11] end

security_group_id = '' security_group_exists = false ec2_client = Aws::EC2::Client.new(region: region)

puts 'Attempting to create security group...' security_group_id = create_security_group( ec2_client, group_name, description, vpc_id ) if security_group_id == 'Error' puts 'Could not create security group. Skipping this step.' else security_group_exists = true end

if security_group_exists puts 'Attempting to add inbound rules to security group...' unless security_group_ingress_authorized?( ec2_client, security_group_id, ip_protocol_http, from_port_http, to_port_http, cidr_ip_range_http ) puts 'Could not add inbound HTTP rule to security group. ' \ 'Skipping this step.' end

unless security_group_ingress_authorized?( ec2_client, security_group_id, ip_protocol_ssh, from_port_ssh, to_port_ssh, cidr_ip_range_ssh ) puts 'Could not add inbound SSH rule to security group. ' \ 'Skipping this step.' end end

puts "\nInformation about available security groups:" describe_security_groups(ec2_client)

if security_group_exists puts "\nAttempting to delete security group..." unless security_group_deleted?(ec2_client, security_group_id) puts 'Could not delete security group. You must delete it yourself.' end endend

run_me if $PROGRAM_NAME == __FILE__

Working with Key Pairs in Amazon EC2The following code example:

87

Page 93: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideWorking with Key Pairs in Amazon EC2

1. Creates a key pair in Amazon EC2.

2. Displays information about available key pairs.

3. Deletes the key pair.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

# This code example does the following:# 1. Creates a key pair in Amazon Elastic Compute Cloud (Amazon EC2).# 2. Displays information about available key pairs.# 3. Deletes the key pair.

require 'aws-sdk-ec2'

# Creates a key pair in Amazon Elastic Compute Cloud (Amazon EC2) and# saves the resulting RSA private key file locally in the calling# user's home directory.## @param ec2_client [Aws::EC2::Client] An initialized EC2 client.# @param key_pair_name [String] The name for the key pair and private# key file.# @return [Boolean] true if the key pair and private key file were# created; otherwise, false.# @example# exit 1 unless key_pair_created?(# Aws::EC2::Client.new(region: 'us-east-1'),# 'my-key-pair'# )def key_pair_created?(ec2_client, key_pair_name) key_pair = ec2_client.create_key_pair(key_name: key_pair_name) puts "Created key pair '#{key_pair.key_name}' with fingerprint " \ "'#{key_pair.key_fingerprint}' and ID '#{key_pair.key_pair_id}'." filename = File.join(Dir.home, key_pair_name + '.pem') File.open(filename, 'w') { |file| file.write(key_pair.key_material) } puts "Private key file saved locally as '#{filename}'." return truerescue Aws::EC2::Errors::InvalidKeyPairDuplicate puts "Error creating key pair: a key pair named '#{key_pair_name}' " \ 'already exists.' return falserescue StandardError => e puts "Error creating key pair or saving private key file: #{e.message}" return falseend

# Displays information about available key pairs in# Amazon Elastic Compute Cloud (Amazon EC2).## @param ec2_client [Aws::EC2::Client] An initialized EC2 client.# @example# describe_key_pairs(Aws::EC2::Client.new(region: 'us-east-1'))def describe_key_pairs(ec2_client) result = ec2_client.describe_key_pairs if result.key_pairs.count.zero? puts 'No key pairs found.' else puts 'Key pair names:' result.key_pairs.each do |key_pair| puts key_pair.key_name end endrescue StandardError => e puts "Error getting information about key pairs: #{e.message}"

88

Page 94: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideWorking with Key Pairs in Amazon EC2

end

# Deletes a key pair in Amazon Elastic Compute Cloud (Amazon EC2).## Prerequisites:## - The key pair to delete.## @param ec2_client [Aws::EC2::Client] An initialized EC2 client.# @param key_pair_name [String] The name of the key pair to delete.# @return [Boolean] true if the key pair was deleted; otherwise, false.# @example# exit 1 unless key_pair_deleted?(# Aws::EC2::Client.new(region: 'us-east-1'),# 'my-key-pair'# )def key_pair_deleted?(ec2_client, key_pair_name) ec2_client.delete_key_pair(key_name: key_pair_name) return truerescue StandardError => e puts "Error deleting key pair: #{e.message}" return falseend

# Full example call:def run_me key_pair_name = '' region = '' # Print usage information and then stop. if ARGV[0] == '--help' || ARGV[0] == '-h' puts 'Usage: ruby ec2-ruby-example-key-pairs.rb KEY_PAIR_NAME REGION' puts 'Example: ruby ec2-ruby-example-key-pairs.rb my-key-pair us-east-1' exit 1 # If no values are specified at the command prompt, use these default values. elsif ARGV.count.zero? key_pair_name = 'my-key-pair' region = 'us-east-1' # Otherwise, use the values as specified at the command prompt. else key_pair_name = ARGV[0] region = ARGV[1] end

ec2_client = Aws::EC2::Client.new(region: region)

puts 'Displaying existing key pair names before creating this key pair...' describe_key_pairs(ec2_client)

puts '-' * 10 puts 'Creating key pair...' unless key_pair_created?(ec2_client, key_pair_name) puts 'Stopping program.' exit 1 end

puts '-' * 10 puts 'Displaying existing key pair names after creating this key pair...' describe_key_pairs(ec2_client)

puts '-' * 10 puts 'Deleting key pair...' unless key_pair_deleted?(ec2_client, key_pair_name) puts 'Stopping program. You must delete the key pair yourself.' exit 1 end puts 'Key pair deleted.'

89

Page 95: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideGetting Information about All Amazon EC2 Instances

puts '-' * 10 puts 'Now that the key pair is deleted, ' \ 'also deleting the related private key pair file...' filename = File.join(Dir.home, key_pair_name + '.pem') File.delete(filename) if File.exist?(filename) puts "Could not delete file at '#{filename}'. You must delete it yourself." else puts 'File deleted.' end

puts '-' * 10 puts 'Displaying existing key pair names after deleting this key pair...' describe_key_pairs(ec2_client)end

run_me if $PROGRAM_NAME == __FILE__

Getting Information about All Amazon EC2 InstancesThe following code example lists the IDs and current states of available Amazon EC2 instances.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-ec2'

# Lists the IDs and current states of available# Amazon Elastic Compute Cloud (Amazon EC2) instances.## @param ec2_resource [Aws::EC2::Resource] An initialized EC2 resource object.# @example# list_instance_ids_states(Aws::EC2::Resource.new(region: 'us-east-1'))def list_instance_ids_states(ec2_resource) response = ec2_resource.instances if response.count.zero? puts 'No instances found.' else puts 'Instances -- ID, state:' response.each do |instance| puts "#{instance.id}, #{instance.state.name}" end endrescue StandardError => e puts "Error getting information about instances: #{e.message}"end

#Full example call:def run_me region = '' # Print usage information and then stop. if ARGV[0] == '--help' || ARGV[0] == '-h' puts 'Usage: ruby ec2-ruby-example-get-all-instance-info.rb REGION' puts 'Example: ruby ec2-ruby-example-get-all-instance-info.rb us-east-1' exit 1 # If no values are specified at the command prompt, use these default values. elsif ARGV.count.zero? region = 'us-east-1' # Otherwise, use the values as specified at the command prompt. else region = ARGV[0] end ec2_resource = Aws::EC2::Resource.new(region: region)

90

Page 96: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideGetting Information about All AmazonEC2 Instances with a Specific Tag Value

list_instance_ids_states(ec2_resource)end

run_me if $PROGRAM_NAME == __FILE__

Getting Information about All Amazon EC2 Instanceswith a Specific Tag ValueThe following code example lists the IDs and current states of available Amazon EC2 instances matchingthe specified tag key and value.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-ec2'

# Lists the IDs, current states, and tag keys/values of matching# available Amazon Elastic Compute Cloud (Amazon EC2) instances.## @param ec2_resource [Aws::EC2::Resource] An initialized EC2 resource object.# @param tag_key [String] The key portion of the tag to search on.# @param tag_value [String] The value portion of the tag to search on.# @example# list_instance_ids_states_by_tag(# Aws::EC2::Resource.new(region: 'us-east-1'),# 'my-key',# 'my-value'# )def list_instance_ids_states_by_tag(ec2_resource, tag_key, tag_value) response = ec2_resource.instances( filters: [ { name: "tag:#{tag_key}", values: [tag_value] } ] ) if response.count.zero? puts 'No matching instances found.' else puts 'Matching instances -- ID, state, tag key/value:' response.each do |instance| print "#{instance.id}, #{instance.state.name}" instance.tags.each do |tag| print ", #{tag.key}/#{tag.value}" end print "\n" end endrescue StandardError => e puts "Error getting information about instances: #{e.message}"end

#Full example call:def run_me tag_key = '' tag_value = '' region = '' # Print usage information and then stop. if ARGV[0] == '--help' || ARGV[0] == '-h' puts 'Usage: ruby ec2-ruby-example-get-instance-info-by-tag.rb ' \ 'TAG_KEY TAG_VALUE REGION'

91

Page 97: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideGetting Information about a Specific Amazon EC2 Instance

puts 'Example: ruby ec2-ruby-example-get-instance-info-by-tag.rb ' \ 'my-key my-value us-east-1' exit 1 # If no values are specified at the command prompt, use these default values. elsif ARGV.count.zero? tag_key = 'my-key' tag_value = 'my-value' region = 'us-east-1' # Otherwise, use the values as specified at the command prompt. else tag_key = ARGV[0] tag_value = ARGV[1] region = ARGV[2] end ec2_resource = Aws::EC2::Resource.new(region: region) list_instance_ids_states_by_tag(ec2_resource, tag_key, tag_value)end

run_me if $PROGRAM_NAME == __FILE__

Getting Information about a Specific Amazon EC2InstanceThe following example lists the state of the specified Amazon EC2 instance.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-ec2'

# Lists the state of an Amazon Elastic Compute Cloud (Amazon EC2) instance.## Prerequisites:## - An Amazon EC2 instance.## @param ec2_client [Aws::EC2::Client] An initialized EC2 client.# @param instance_id [String] The ID of the instance.# @example# list_instance_state(# Aws::EC2::Resource.new(region: 'us-east-1'),# 'i-123abc'# )def list_instance_state(ec2_client, instance_id) response = ec2_client.describe_instances( instance_ids: [instance_id] ) if response.count.zero? puts 'No matching instance found.' else instance = response.reservations[0].instances[0] puts "The instance with ID '#{instance_id}' is '#{instance.state.name}'." endrescue StandardError => e puts "Error getting information about instance: #{e.message}"end

# Full example call:def run_me instance_id = '' region = '' # Print usage information and then stop.

92

Page 98: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating an Amazon EC2 Instance

if ARGV[0] == '--help' || ARGV[0] == '-h' puts 'Usage: ruby ec2-ruby-example-list-state-instance-i-123abc.rb ' \ 'INSTANCE_ID REGION' puts 'Example: ruby ec2-ruby-example-list-state-instance-i-123abc.rb ' \ 'i-123abc us-east-1' exit 1 # If no values are specified at the command prompt, use these default values. elsif ARGV.count.zero? instance_id = 'i-123abc' region = 'us-east-1' # Otherwise, use the values as specified at the command prompt. else instance_id = ARGV[0] region = ARGV[1] end

ec2_client = Aws::EC2::Client.new(region: region) list_instance_state(ec2_client, instance_id)end

run_me if $PROGRAM_NAME == __FILE__

Creating an Amazon EC2 InstanceThe following example creates and tags an Amazon EC2 instance.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-ec2'require 'base64'

# Creates and tags an Amazon Elastic Compute Cloud (Amazon EC2) instance.## Prerequisites:## - An EC2 key pair.# - If you want to run any commands on the instance after it starts, a# file containing those commands.## @param ec2_resource [Aws::EC2::Resource] An initialized EC2 resource object.# @param image_id [String] The ID of the target Amazon Machine Image (AMI).# @param key_pair_name [String] The name of the existing EC2 key pair.# @param tag_key [String] The key portion of the tag for the instance.# @param tag_value [String] The value portion of the tag for the instance.# @param instance_type [String] The ID of the type of instance to create.# If not specified, the default value is 't2.micro'.# @param user_data_file [String] The path to the file containing any commands# to run on the instance after it starts. If not specified, the default# value is an empty string.# @return [Boolean] true if the instance was created and tagged;# otherwise, false.# @example# exit 1 unless instance_created?(# Aws::EC2::Resource.new(region: 'us-east-1'),# 'ami-0947d2ba12EXAMPLE',# 'my-key-pair',# 'my-key',# 'my-value',# 't2.micro',# 'my-user-data.txt'# )def instance_created?( ec2_resource,

93

Page 99: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating an Amazon EC2 Instance

image_id, key_pair_name, tag_key, tag_value, instance_type = 't2.micro', user_data_file = '') encoded_script = ''

unless user_data_file == '' script = File.read(user_data_file) encoded_script = Base64.encode64(script) end

instance = ec2_resource.create_instances( image_id: image_id, min_count: 1, max_count: 1, key_name: key_pair_name, instance_type: instance_type, user_data: encoded_script )

puts 'Creating instance...'

# Check whether the new instance is in the "running" state. polls = 0 loop do polls += 1 response = ec2_resource.client.describe_instances( instance_ids: [ instance.first.id ] ) # Stop polling after 10 minutes (40 polls * 15 seconds per poll) if not running. break if response.reservations[0].instances[0].state.name == 'running' || polls > 40

sleep(15) end

puts "Instance created with ID '#{instance.first.id}'."

instance.batch_create_tags( tags: [ { key: tag_key, value: tag_value } ] ) puts 'Instance tagged.'

return truerescue StandardError => e puts "Error creating or tagging instance: #{e.message}" return falseend

# Full example call:def run_me image_id = '' key_pair_name = '' tag_key = '' tag_value = '' instance_type = '' region = ''

94

Page 100: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideStopping an Amazon EC2 Instance

user_data_file = '' # Print usage information and then stop. if ARGV[0] == '--help' || ARGV[0] == '-h' puts 'Usage: ruby ec2-ruby-example-create-instance.rb ' \ 'IMAGE_ID KEY_PAIR_NAME TAG_KEY TAG_VALUE INSTANCE_TYPE ' \ 'REGION [USER_DATA_FILE]' puts 'Example: ruby ec2-ruby-example-create-instance.rb ' \ 'ami-0947d2ba12EXAMPLE my-key-pair my-key my-value t2.micro ' \ 'us-east-1 my-user-data.txt' exit 1 # If no values are specified at the command prompt, use these default values. elsif ARGV.count.zero? image_id = 'ami-0947d2ba12EXAMPLE' key_pair_name = 'my-key-pair' tag_key = 'my-key' tag_value = 'my-value' instance_type = 't2.micro' region = 'us-east-1' user_data_file = 'my-user-data.txt' # Otherwise, use the values as specified at the command prompt. else image_id = ARGV[0] key_pair_name = ARGV[1] tag_key = ARGV[2] tag_value = ARGV[3] instance_type = ARGV[4] region = ARGV[5] user_data_file = ARGV[6] if ARGV.count == 7 # If user data file specified. end

ec2_resource = Aws::EC2::Resource.new(region: region)

if instance_created?( ec2_resource, image_id, key_pair_name, tag_key, tag_value, instance_type, user_data_file ) puts 'Created and tagged instance.' else puts 'Could not create or tag instance.' endend

run_me if $PROGRAM_NAME == __FILE__

Stopping an Amazon EC2 InstanceThe following example attempts to stop the specified Amazon EC2 instance.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-ec2'

# Attempts to stop an Amazon Elastic Compute Cloud (Amazon EC2) instance.## Prerequisites:## - The Amazon EC2 instance.#

95

Page 101: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideStopping an Amazon EC2 Instance

# @param ec2_client [Aws::EC2::Client] An initialized EC2 client.# @param instance_id [String] The ID of the instance.# @return [Boolean] true if the instance was stopped; otherwise, false.# @example# exit 1 unless instance_stopped?(# Aws::EC2::Client.new(region: 'us-east-1'),# 'i-123abc'# )def instance_stopped?(ec2_client, instance_id) response = ec2_client.describe_instance_status(instance_ids: [instance_id])

if response.instance_statuses.count.positive? state = response.instance_statuses[0].instance_state.name case state when 'stopping' puts 'The instance is already stopping.' return true when 'stopped' puts 'The instance is already stopped.' return true when 'terminated' puts 'Error stopping instance: ' \ 'the instance is terminated, so you cannot stop it.' return false end end

ec2_client.stop_instances(instance_ids: [instance_id]) ec2_client.wait_until(:instance_stopped, instance_ids: [instance_id]) puts 'Instance stopped.' return truerescue StandardError => e puts "Error stopping instance: #{e.message}" return falseend

# Full example call:def run_me instance_id = '' region = '' # Print usage information and then stop. if ARGV[0] == '--help' || ARGV[0] == '-h' puts 'Usage: ruby ec2-ruby-example-stop-instance-i-123abc.rb ' \ 'INSTANCE_ID REGION ' puts 'Example: ruby ec2-ruby-example-start-instance-i-123abc.rb ' \ 'i-123abc us-east-1' exit 1 # If no values are specified at the command prompt, use these default values. elsif ARGV.count.zero? instance_id = 'i-123abc' region = 'us-east-1' # Otherwise, use the values as specified at the command prompt. else instance_id = ARGV[0] region = ARGV[1] end

ec2_client = Aws::EC2::Client.new(region: region)

puts "Attempting to stop instance '#{instance_id}' " \ '(this might take a few minutes)...' unless instance_stopped?(ec2_client, instance_id) puts 'Could not stop instance.' endend

96

Page 102: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideStarting an Amazon EC2 Instance

run_me if $PROGRAM_NAME == __FILE__

Starting an Amazon EC2 InstanceThe following example attempts to start the specified Amazon EC2 instance.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-ec2'

# Attempts to start an Amazon Elastic Compute Cloud (Amazon EC2) instance.## Prerequisites:## - The Amazon EC2 instance.## @param ec2_client [Aws::EC2::Client] An initialized EC2 client.# @param instance_id [String] The ID of the instance.# @return [Boolean] true if the instance was started; otherwise, false.# @example# exit 1 unless instance_started?(# Aws::EC2::Client.new(region: 'us-east-1'),# 'i-123abc'# )def instance_started?(ec2_client, instance_id) response = ec2_client.describe_instance_status(instance_ids: [instance_id])

if response.instance_statuses.count.positive? state = response.instance_statuses[0].instance_state.name case state when 'pending' puts 'Error starting instance: the instance is pending. Try again later.' return false when 'running' puts 'The instance is already running.' return true when 'terminated' puts 'Error starting instance: ' \ 'the instance is terminated, so you cannot start it.' return false end end

ec2_client.start_instances(instance_ids: [instance_id]) ec2_client.wait_until(:instance_running, instance_ids: [instance_id]) puts 'Instance started.' return truerescue StandardError => e puts "Error starting instance: #{e.message}" return falseend

# Full example call:def run_me instance_id = '' region = '' # Print usage information and then stop. if ARGV[0] == '--help' || ARGV[0] == '-h' puts 'Usage: ruby ec2-ruby-example-start-instance-i-123abc.rb ' \ 'INSTANCE_ID REGION ' puts 'Example: ruby ec2-ruby-example-start-instance-i-123abc.rb ' \ 'i-123abc us-east-1' exit 1

97

Page 103: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideRebooting an Amazon EC2 Instance

# If no values are specified at the command prompt, use these default values. elsif ARGV.count.zero? instance_id = 'i-123abc' region = 'us-east-1' # Otherwise, use the values as specified at the command prompt. else instance_id = ARGV[0] region = ARGV[1] end

ec2_client = Aws::EC2::Client.new(region: region)

puts "Attempting to start instance '#{instance_id}' " \ '(this might take a few minutes)...' unless instance_started?(ec2_client, instance_id) puts 'Could not start instance.' endend

run_me if $PROGRAM_NAME == __FILE__

Rebooting an Amazon EC2 InstanceThe following example attempts to reboot the specified Amazon EC2 instance.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-ec2'

# Reboots an Amazon Elastic Compute Cloud (Amazon EC2) instance.## Prerequisites:## - An Amazon EC2 instance.## @param ec2_client [Aws::EC2::Client] An initialized EC2 client.# @param instance_id [String] The ID of the instance.# @example# request_instance_reboot(# Aws::EC2::Resource.new(region: 'us-east-1'),# 'i-123abc'# )def request_instance_reboot(ec2_client, instance_id) response = ec2_client.describe_instances(instance_ids: [instance_id]) if response.count.zero? puts 'Error requesting reboot: no matching instance found.' else instance = response.reservations[0].instances[0] if instance.state.name == 'terminated' puts 'Error requesting reboot: the instance is already terminated.' else ec2_client.reboot_instances(instance_ids: [instance_id]) puts 'Reboot request sent.' end endrescue StandardError => e puts "Error requesting reboot: #{e.message}"end

# Full example call:def run_me instance_id = '' region = ''

98

Page 104: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideManaging Amazon EC2 Instances

# Print usage information and then stop. if ARGV[0] == '--help' || ARGV[0] == '-h' puts 'Usage: ruby ec2-ruby-example-reboot-instance-i-123abc.rb ' \ 'INSTANCE_ID REGION' puts 'Example: ruby ec2-ruby-example-reboot-instance-i-123abc.rb ' \ 'i-123abc us-east-1' exit 1 # If no values are specified at the command prompt, use these default values. elsif ARGV.count.zero? instance_id = 'i-123abc' region = 'us-east-1' # Otherwise, use the values as specified at the command prompt. else instance_id = ARGV[0] region = ARGV[1] end

ec2_client = Aws::EC2::Client.new(region: region) request_instance_reboot(ec2_client, instance_id)end

run_me if $PROGRAM_NAME == __FILE__

Managing Amazon EC2 InstancesThe following code example:

1. Stops an Amazon EC2 instance.

2. Restarts the instance.

3. Reboots the instance.

4. Enables detailed monitoring for the instance.

5. Displays information about available instances.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

# This code example does the following:# 1. Stops an Amazon Elastic Compute Cloud (Amazon EC2) instance.# 2. Restarts the instance.# 3. Reboots the instance.# 4. Enables detailed monitoring for the instance.# 5. Displays information about available instances.

require 'aws-sdk-ec2'

# Waits for an Amazon Elastic Compute Cloud (Amazon EC2) instance# to reach the specified state.## Prerequisites:## - The Amazon EC2 instance.## @param ec2_client [Aws::EC2::Client] An initialized EC2 client.# @param instance_state [Symbol] The desired instance state.# @param instance_id [String] The ID of the instance.# @example# wait_for_instance(# Aws::EC2::Client.new(region: 'us-east-1'),# :instance_stopped,# 'i-033c48ef067af3dEX'

99

Page 105: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideManaging Amazon EC2 Instances

# )def wait_for_instance(ec2_client, instance_state, instance_id) ec2_client.wait_until(instance_state, instance_ids: [instance_id]) puts "Success: #{instance_state}."rescue Aws::Waiters::Errors::WaiterFailed => e puts "Failed: #{e.message}"end

# Attempts to stop an Amazon Elastic Compute Cloud (Amazon EC2) instance.## Prerequisites:## - The Amazon EC2 instance.## @param ec2_client [Aws::EC2::Client] An initialized EC2 client.# @param instance_id [String] The ID of the instance.# @return [Boolean] true if the instance was stopped; otherwise, false.# @example# exit 1 unless instance_stopped?(# Aws::EC2::Client.new(region: 'us-east-1'),# 'i-033c48ef067af3dEX'# )def instance_stopped?(ec2_client, instance_id) ec2_client.stop_instances(instance_ids: [instance_id]) wait_for_instance(ec2_client, :instance_stopped, instance_id) return truerescue StandardError => e puts "Error stopping instance: #{e.message}" return falseend

# Attempts to restart an Amazon Elastic Compute Cloud (Amazon EC2) instance.## Prerequisites:## - The Amazon EC2 instance.## @param ec2_client [Aws::EC2::Client] An initialized EC2 client.# @param instance_id [String] The ID of the instance.# @return [Boolean] true if the instance was restarted; otherwise, false.# @example# exit 1 unless instance_restarted?(# Aws::EC2::Client.new(region: 'us-east-1'),# 'i-033c48ef067af3dEX'# )def instance_restarted?(ec2_client, instance_id) ec2_client.start_instances(instance_ids: [instance_id]) wait_for_instance(ec2_client, :instance_running, instance_id) return truerescue StandardError => e puts "Error restarting instance: #{e.message}" return falseend

# Attempts to reboot an Amazon Elastic Compute Cloud (Amazon EC2) instance.## Prerequisites:## - The Amazon EC2 instance.## @param ec2_client [Aws::EC2::Client] An initialized EC2 client.# @param instance_id [String] The ID of the instance.# @return [Boolean] true if the instance was rebooted; otherwise, false.# @example# exit 1 unless instance_rebooted?(# Aws::EC2::Client.new(region: 'us-east-1'),

100

Page 106: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideManaging Amazon EC2 Instances

# 'i-033c48ef067af3dEX'# )def instance_rebooted?(ec2_client, instance_id) ec2_client.reboot_instances(instance_ids: [instance_id]) wait_for_instance(ec2_client, :instance_status_ok, instance_id) return truerescue StandardError => e puts "Error rebooting instance: #{e.message}" return falseend

# Attempts to enabled detailed monitoring for an# Amazon Elastic Compute Cloud (Amazon EC2) instance.## Prerequisites:## - The Amazon EC2 instance.## @param ec2_client [Aws::EC2::Client] An initialized EC2 client.# @param instance_id [String] The ID of the instance.# @return [Boolean] true if detailed monitoring was enabled; otherwise, false.# @example# exit 1 unless instance_detailed_monitoring_enabled?(# Aws::EC2::Client.new(region: 'us-east-1'),# 'i-033c48ef067af3dEX'# )def instance_detailed_monitoring_enabled?(ec2_client, instance_id) result = ec2_client.monitor_instances(instance_ids: [instance_id]) puts "Detailed monitoring state: #{result.instance_monitorings[0].monitoring.state}" return truerescue Aws::EC2::Errors::InvalidState puts "The instance is not in a monitorable state. Skipping this step." return falserescue StandardError => e puts "Error enabling detailed monitoring: #{e.message}" return falseend

# Displays information about available # Amazon Elastic Compute Cloud (Amazon EC2) instances.## @param ec2_client [Aws::EC2::Client] An initialized EC2 client.# @example# list_instances_information(Aws::EC2::Client.new(region: 'us-east-1'))def list_instances_information(ec2_client) result = ec2_client.describe_instances result.reservations.each do |reservation| if reservation.instances.count.positive? reservation.instances.each do |instance| puts '-' * 12 puts "Instance ID: #{instance.instance_id}" puts "State: #{instance.state.name}" puts "Image ID: #{instance.image_id}" puts "Instance type: #{instance.instance_type}" puts "Architecture: #{instance.architecture}" puts "IAM instance profile ARN: #{instance.iam_instance_profile.arn}" puts "Key name: #{instance.key_name}" puts "Launch time: #{instance.launch_time}" puts "Detailed monitoring state: #{instance.monitoring.state}" puts "Public IP address: #{instance.public_ip_address}" puts "Public DNS name: #{instance.public_dns_name}" puts "VPC ID: #{instance.vpc_id}" puts "Subnet ID: #{instance.subnet_id}" if instance.tags.count.positive? puts 'Tags:' instance.tags.each do |tag|

101

Page 107: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideTerminating an Amazon EC2 Instance

puts " #{tag.key}/#{tag.value}" end end end end endend

# Full example call:def run_me instance_id = '' region = '' # Print usage information and then stop. if ARGV[0] == '--help' || ARGV[0] == '-h' puts 'Usage: ruby ec2-ruby-example-manage-instances.rb ' \ 'INSTANCE_ID REGION' puts 'Example: ruby ec2-ruby-example-manage-instances.rb ' \ 'i-033c48ef067af3dEX us-east-1' exit 1 # If no values are specified at the command prompt, use these default values. elsif ARGV.count.zero? instance_id = 'i-033c48ef067af3dEX' region = 'us-east-1' # Otherwise, use the values as specified at the command prompt. else instance_id = ARGV[0] region = ARGV[1] end

ec2_client = Aws::EC2::Client.new(region: region)

puts 'Attempting to stop the instance. ' \ 'This might take a few minutes...' unless instance_stopped?(ec2_client, instance_id) puts 'Cannot stop the instance. Skipping this step.' end

puts "\nAttempting to restart the instance. " \ 'This might take a few minutes...' unless instance_restarted?(ec2_client, instance_id) puts 'Cannot restart the instance. Skipping this step.' end

puts "\nAttempting to reboot the instance. " \ 'This might take a few minutes...' unless instance_rebooted?(ec2_client, instance_id) puts 'Cannot reboot the instance. Skipping this step.' end

puts "\nAttempting to enable detailed monitoring for the instance..." unless instance_detailed_monitoring_enabled?(ec2_client, instance_id) puts 'Cannot enable detailed monitoring for the instance. ' \ 'Skipping this step.' end

puts "\nInformation about available instances:" list_instances_information(ec2_client)end

run_me if $PROGRAM_NAME == __FILE__

Terminating an Amazon EC2 InstanceThe following example attempts to terminate the specified Amazon EC2 instance.

102

Page 108: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideTerminating an Amazon EC2 Instance

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-ec2'

# Attempts to terminate an Amazon Elastic Compute Cloud (Amazon EC2) instance.## Prerequisites:## - The Amazon EC2 instance.## @param ec2_client [Aws::EC2::Client] An initialized EC2 client.# @param instance_id [String] The ID of the instance.# @return [Boolean] true if the instance was terminated; otherwise, false.# @example# exit 1 unless instance_terminated?(# Aws::EC2::Client.new(region: 'us-east-1'),# 'i-123abc'# )def instance_terminated?(ec2_client, instance_id) response = ec2_client.describe_instance_status(instance_ids: [instance_id])

if response.instance_statuses.count.positive? && response.instance_statuses[0].instance_state.name == 'terminated'

puts 'The instance is already terminated.' return true end

ec2_client.terminate_instances(instance_ids: [instance_id]) ec2_client.wait_until(:instance_terminated, instance_ids: [instance_id]) puts 'Instance terminated.' return truerescue StandardError => e puts "Error terminating instance: #{e.message}" return falseend

# Full example call:def run_me instance_id = '' region = '' # Print usage information and then stop. if ARGV[0] == '--help' || ARGV[0] == '-h' puts 'Usage: ruby ec2-ruby-example-terminate-instance-i-123abc.rb ' \ 'INSTANCE_ID REGION ' puts 'Example: ruby ec2-ruby-example-terminate-instance-i-123abc.rb ' \ 'i-123abc us-east-1' exit 1 # If no values are specified at the command prompt, use these default values. elsif ARGV.count.zero? instance_id = 'i-123abc' region = 'us-east-1' # Otherwise, use the values as specified at the command prompt. else instance_id = ARGV[0] region = ARGV[1] end

ec2_client = Aws::EC2::Client.new(region: region)

puts "Attempting to terminate instance '#{instance_id}' " \ '(this might take a few minutes)...' unless instance_terminated?(ec2_client, instance_id) puts 'Could not terminate instance.'

103

Page 109: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideGetting Information about Regions

and Availability Zones for Amazon EC2

endend

run_me if $PROGRAM_NAME == __FILE__

Getting Information about Regions and AvailabilityZones for Amazon EC2The following example:

1. Displays a list of AWS Regions for Amazon EC2 that are available to you.

2. Displays a list of Amazon EC2 Availability Zones available to you depending on the AWS Region of theAmazon EC2 client.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-ec2'

# Displays a list of AWS Regions for Amazon Elastic Compute Cloud (Amazon EC2)# that are available to you.## @param ec2_client [Aws::EC2::Client] An initialized EC2 client.# @example# list_regions_endpoints(Aws::EC2::Client.new(region: 'us-east-1'))def list_regions_endpoints(ec2_client) result = ec2_client.describe_regions # Enable pretty printing. max_region_string_length = 16 max_endpoint_string_length = 33 # Print header. print 'Region' print ' ' * (max_region_string_length - 'Region'.length) print " Endpoint\n" print '-' * max_region_string_length print ' ' print '-' * max_endpoint_string_length print "\n" # Print Regions and their endpoints. result.regions.each do |region| print region.region_name.to_s print ' ' * (max_region_string_length - region.region_name.length) print ' ' print region.endpoint.to_s print "\n" endend

# Displays a list of Amazon Elastic Compute Cloud (Amazon EC2)# Availability Zones available to you depending on the AWS Region# of the Amazon EC2 client.## @param ec2_client [Aws::EC2::Client] An initialized EC2 client.# @example# list_availability_zones(Aws::EC2::Client.new(region: 'us-east-1'))def list_availability_zones(ec2_client) result = ec2_client.describe_availability_zones # Enable pretty printing. max_region_string_length = 16 max_zone_string_length = 18

104

Page 110: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideGetting Information about Regions

and Availability Zones for Amazon EC2

max_state_string_length = 9 # Print header. print 'Region' print ' ' * (max_region_string_length - 'Region'.length) print ' Zone' print ' ' * (max_zone_string_length - 'Zone'.length) print " State\n" print '-' * max_region_string_length print ' ' print '-' * max_zone_string_length print ' ' print '-' * max_state_string_length print "\n" # Print Regions, Availability Zones, and their states. result.availability_zones.each do |zone| print zone.region_name print ' ' * (max_region_string_length - zone.region_name.length) print ' ' print zone.zone_name print ' ' * (max_zone_string_length - zone.zone_name.length) print ' ' print zone.state # Print any messages for this Availability Zone. if zone.messages.count.positive? print "\n" puts ' Messages for this zone:' zone.messages.each do |message| print " #{message.message}\n" end end print "\n" endend

# Full example call:def run_me region = '' # Print usage information and then stop. if ARGV[0] == '--help' || ARGV[0] == '-h' puts 'Usage: ruby ec2-ruby-example-regions-availability-zones.rb REGION' puts 'Example: ruby ec2-ruby-example-regions-availability-zones.rb us-east-1' exit 1 # If no values are specified at the command prompt, use these default values. elsif ARGV.count.zero? region = 'us-east-1' # Otherwise, use the values as specified at the command prompt. else region = ARGV[0] end

ec2_client = Aws::EC2::Client.new(region: region)

puts 'AWS Regions for Amazon EC2 that are available to you:' list_regions_endpoints(ec2_client) puts "\n\nAmazon EC2 Availability Zones that are available to you for AWS Region '#{region}':" list_availability_zones(ec2_client)end

run_me if $PROGRAM_NAME == __FILE__

105

Page 111: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideAWS Elastic Beanstalk Examples

AWS Elastic Beanstalk Examples Using the AWSSDK for Ruby

AWS Elastic Beanstalk enables you to quickly deploy and manage applications in the AWS Cloud withoutworrying about the infrastructure that runs those applications. You can use the following examples toaccess Elastic Beanstalk using the AWS SDK for Ruby. For more information about Elastic Beanstalk, seethe AWS Elastic Beanstalk documentation.

Topics

• Getting Information about All Applications in AWS Elastic Beanstalk (p. 106)

• Getting Information about a Specific Application in AWS Elastic Beanstalk (p. 106)

• Updating a Ruby on Rails Application for AWS Elastic Beanstalk (p. 107)

Getting Information about All Applications in AWSElastic BeanstalkThe following example lists the names, descriptions, and URLs of all of your Elastic Beanstalkapplications in the us-west-2 region.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-elasticbeanstalk' # v2: require 'aws-sdk'

eb = Aws::ElasticBeanstalk::Client.new(region: 'us-west-2') eb.describe_applications.applications.each do |a| puts "Name: #{a.application_name}" puts "Description: #{a.description}"

eb.describe_environments({application_name: a.application_name}).environments.each do |env| puts " Environment: #{env.environment_name}" puts " URL: #{env.cname}" puts " Health: #{env.health}" endend

Getting Information about a Specific Application inAWS Elastic BeanstalkThe following example lists the name, description, and URL of the MyRailsApp application in the us-west-2 region.

106

http://www.amazonaws.cn/documentation/elastic-beanstalk/
Page 112: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideUpdating a Ruby on Rails Application

for AWS Elastic Beanstalk

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-elasticbeanstalk' # v2: require 'aws-sdk'

eb = Aws::ElasticBeanstalk::Client.new(region: 'us-west-2') app = eb.describe_applications({application_names: [args[0]]})

if app.exists? puts "Name: #{app.application_name}" puts "Description: #{app.description}"

envs = eb.describe_environments({application_name: app.application_name}) puts "URL: #{envs.environments[0].cname}"end

Updating a Ruby on Rails Application for AWS ElasticBeanstalkThe following example updates the Ruby on Rails application MyRailsApp in the us-west-2 region.

NoteYou must be in the root of your Rails app to succesfully run the script.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-elasticbeanstalk' # v2: require 'aws-sdk'

Aws.config.update({region: 'us-west-2'})

eb = Aws::ElasticBeanstalk::Client.news3 = Aws::S3::Client.new

app_name = 'MyRailsApp'

# Get S3 bucket containing appapp_versions = eb.describe_application_versions({ application_name: app_name })av = app_versions.application_versions[0]bucket = av.source_bundle.s3_buckets3_key = av.source_bundle.s3_key

# Get info on environment

107

Page 113: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideAWS Identity and Access Management (IAM) Examples

envs = eb.describe_environments({ application_name: app_name })env = envs.environments[0]env_name = env.environment_name

# Create new storage locationresp = eb.create_storage_location()

puts "Created storage location in bucket #{resp.s3_bucket}"

s3.list_objects({ prefix: s3_key, bucket: bucket})

# Create ZIP filezip_file_basename = SecureRandom.urlsafe_base64.to_szip_file_name = zip_file_basename + '.zip'

# Call out to OS to produce ZIP filecmd = "git archive --format=zip -o #{zip_file_name} HEAD"%x[ #{cmd} ]

# Get ZIP file contentszip_contents = File.read(zip_file_name)

key = app_name + "\\" + zip_file_name

s3.put_object({ body: zip_contents, bucket: bucket, key: key})

date = Time.newtoday = date.day.to_s + "/" + date.month.to_s + "/" + date.year.to_s

eb.create_application_version({ process: false, application_name: app_name, version_label: zip_file_basename, source_bundle: { s3_bucket: bucket, s3_key: key }, description: "Updated #{today}"})

eb.update_environment({ environment_name: env_name, version_label: zip_file_basename})

AWS Identity and Access Management (IAM)Examples Using the AWS SDK for Ruby

AWS Identity and Access Management (IAM) is a web service for securely controlling access to AWSservices. You can use the following examples to access IAM using the AWS SDK for Ruby. For moreinformation about IAM, see the IAM documentation.

Topics

108

http://www.amazonaws.cn/documentation/iam/
Page 114: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideGetting Information about IAM Users

• Getting Information about IAM Users (p. 109)• Listing IAM Users who are Administrators (p. 110)• Adding a New IAM User (p. 113)• Create User Access Keys for an IAM User (p. 114)• Adding a Managed Policy to an IAM User (p. 115)• Creating an IAM Role (p. 116)• Managing IAM Users (p. 117)• Working with IAM Policies (p. 120)• Managing IAM Access Keys (p. 123)• Working with IAM Server Certificates (p. 127)• Managing IAM Account Aliases (p. 130)

Getting Information about IAM UsersThe following example lists the groups, policies, and access key IDs of the IAM users in the us-west-2 region. If there are more than 100 users, iam.list_users.IsTruncated is true andiam.list_users.Marker contains a value you can use to get information about additional users. Seethe Aws::IAM::Client.list_users topic for further information.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-iam'

# Displays information about available users in# AWS Identity and Access Management (IAM) including users'# names, associated group names, inline embedded user policy names,# and access key IDs.## @param iam_client [Aws::IAM::Client] An initialized IAM client.# @example# get_user_details(Aws::IAM::Client.new)def get_user_details(iam_client) users_response = iam_client.list_users

if users_response.key?('users') && users_response.users.count.positive?

# Are there more users available than can be displayed? if users_response.key?('is_truncated') && users_response.is_truncated puts '(Note: not all users are displayed here, ' \ "only the first #{users_response.users.count}.)" else puts "Found #{users_response.users.count} user(s):" end

users_response.users.each do |user| name = user.user_name puts '-' * 30 puts "User name: #{name}"

puts "Groups:" groups_response = iam_client.list_groups_for_user(user_name: name) if groups_response.key?('groups') && groups_response.groups.count.positive?

groups_response.groups.each do |group| puts " #{group.group_name}" end

109

https://docs.amazonaws.cn/sdk-for-ruby/v3/api/Aws/IAM/Client.html#list_users-instance_method
Page 115: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideListing IAM Users who are Administrators

else puts ' None' end

puts 'Inline embedded user policies:' policies_response = iam_client.list_user_policies(user_name: name) if policies_response.key?('policy_names') && policies_response.policy_names.count.positive?

policies_response.policy_names.each do |policy_name| puts " #{policy_name}" end else puts ' None' end

puts 'Access keys:' access_keys_response = iam_client.list_access_keys(user_name: name)

if access_keys_response.key?('access_key_metadata') && access_keys_response.access_key_metadata.count.positive?

access_keys_response.access_key_metadata.each do |access_key| puts " #{access_key.access_key_id}" end else puts ' None' end end else puts 'No users found.' endrescue StandardError => e puts "Error getting user details: #{e.message}"end

# Full example call:def run_me iam_client = Aws::IAM::Client.new puts 'Attempting to get details for available users...' get_user_details(iam_client)end

run_me if $PROGRAM_NAME == __FILE__

Listing IAM Users who are AdministratorsThe following example uses the get_account_authorization_details, method to get the list of users forthe current account.

Choose Copy to save the code locally.

Create the file get_admins.rb.

Add the required IAM gem and the os gem, and use the latter to use the bundled certificate if you arerunning on Microsoft Windows.

NoteVersion 2 of the AWS SDK for Ruby didn’t have service-specific gems.

require 'aws-sdk-iam' # v2: require 'aws-sdk'require 'os'

if OS.windows?

110

https://docs.amazonaws.cn/sdkforruby/api/Aws/IAM/Client.html#get_account_authorization_details-instance_method
Page 116: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideListing IAM Users who are Administrators

Aws.use_bundled_cert!end

Create a method to determine whether the user has a policy with administrator privileges.

def user_has_admin_policy(user, admin_access) policies = user.user_policy_list

policies.each do |p| if p.policy_name == admin_access return true end end

falseend

Create a method to determine whether the user has an attached policy with administrator privileges.

def user_has_attached_policy(user, admin_access) attached_policies = user.attached_managed_policies

attached_policies.each do |p| if p.policy_name == admin_access return true end end

falseend

Create a method to determine whether a group to which the user belongs has a policy withadministrator privileges.

Create a method to determine whether a group to which the user belongs has an attached policy withadministrator privileges.

def group_has_admin_policy(client, group, admin_access) resp = client.list_group_policies( group_name: group.group_name )

resp.policy_names.each do |name| if name == admin_access return true end end

falseend

Create a method to determine whether a group to which the user belongs has administrator privileges.

def user_has_admin_from_group(client, user, admin_access) resp = client.list_groups_for_user( user_name: user.user_name )

resp.groups.each do |group|

111

Page 117: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideListing IAM Users who are Administrators

has_admin_policy = group_has_admin_policy(client, group, admin_access) if has_admin_policy return true end

has_attached_policy = group_has_attached_policy(client, group, admin_access) if has_attached_policy return true end end

falseend

Create a method to determine whether the user has administrator privileges.

def is_user_admin(client, user, admin_access) has_admin_policy = user_has_admin_policy(user, admin_access) if has_admin_policy return true end

has_attached_admin_policy = user_has_attached_policy(user, admin_access) if has_attached_admin_policy return true end

has_admin_from_group = user_has_admin_from_group(client, user, admin_access) if has_admin_from_group return true end

falseend

Create a method to loop through a list of users and return how many of those users have administratorprivileges.

<code>

The main routine starts here. Create an IAM client and variables to store the number of users, number ofusers who have adminstrator privileges, and the string that identifies a policy that supplies adminstratorprivileges.

def get_admin_count(client, users, admin_access) num_admins = 0

users.each do |user| is_admin = is_user_admin(client, user, admin_access) if is_admin puts user.user_name num_admins += 1 end end

num_adminsend

Call get_account_authorization_details to get the details of the account and get the users forthe account from user_detail_list. Keep track of how many users we get, call get_admin_count toget the number of those users who have administrator privileges, and keep track of the number of those.

112

Page 118: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideAdding a New IAM User

details = client.get_account_authorization_details( filter: ['User'])

users = details.user_detail_listnum_users += users.countmore_admins = get_admin_count(client, users, access_admin)num_admins += more_admins

If the first call to get_account_authorization_details did not get all of the details, call it againand repeat the process of determining how many have administrator privileges.

<code>

Finally, display how many users have administrator privileges.

more_users = details.is_truncated

while more_users

details = client.get_account_authorization_details(

filter: [‘User’], marker: details.marker

)

users = details.user_detail_list

num_users += users.count more_admins = get_admin_count(client, users, access_admin)num_admins += more_admins

more_users = details.is_truncated

end

See the complete example on GitHub.

Adding a New IAM UserThe following example creates the IAM user my_groovy_user in the us-west-2 region with thepassword REPLACE_ME, and displays the user’s account ID. If a user with that name already exists, itdisplays a message and does not create a new user.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-iam'

# Creates a user in AWS Identity and Access Management (IAM).## @param iam [Aws::IAM::Client] An initialized IAM client.# @param user_name [String] The name of the user.# @param initial_password [String] The initial password for the user.# @return [String] The ID of the user if the user was created, otherwise;# the string 'Error'.# @example

113

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/iam/iam_ruby_example_show_admins.rb
Page 119: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreate User Access Keys for an IAM User

# puts create_user(Aws::IAM::Client.new, 'my-user', 'my-!p@55w0rd!')def create_user(iam_client, user_name, initial_password) response = iam_client.create_user(user_name: user_name) iam_client.wait_until(:user_exists, user_name: user_name) iam_client.create_login_profile( password: initial_password, password_reset_required: true, user_name: user_name ) return response.user.user_idrescue Aws::IAM::Errors::EntityAlreadyExists puts "Error creating user '#{user_name}': user already exists." return 'Error'rescue StandardError => e puts "Error creating user '#{user_name}': #{e.message}" return 'Error'end

# Full example call:def run_me user_name = 'my-user' initial_password = 'my-!p@55w0rd!' iam_client = Aws::IAM::Client.new

puts "Attempting to create user '#{user_name}'..." user_id = create_user(iam_client, user_name, initial_password)

if user_id == 'Error' puts 'User not created.' else puts "User '#{user_name}' created with ID '#{user_id}' and initial " \ "sign-in password '#{initial_password}'." endend

run_me if $PROGRAM_NAME == __FILE__

Create User Access Keys for an IAM UserThe following example creates an access key and secret key for the IAM user my_groovy_user in theus-west-2 region.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-iam'

# Creates an access key for a user in AWS Identity and Access Management (IAM).## Prerequisites:# - The user in IAM.## @param iam [Aws::IAM::Client] An initialized IAM client.# @param user_name [String] The name of the user.# @example# create_access_key(Aws::IAM::Client.new, 'my-user')def create_access_key(iam, user_name) response = iam.create_access_key(user_name: user_name) access_key = response.access_key puts 'Access key created:' puts " Access key ID: #{access_key.access_key_id}" puts " Secret access key: #{access_key.secret_access_key}" puts 'Keep a record of this information in a secure location. ' \

114

Page 120: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideAdding a Managed Policy to an IAM User

'This will be the only time you will be able to view the ' \ 'secret access key.'rescue Aws::IAM::Errors::LimitExceeded puts 'Error creating access key: limit exceeded. Cannot create any more. ' \ 'To create more, delete an existing access key, and then try again.'rescue StandardError => e puts "Error creating access key: #{e.message}"end

# Full example call:def run_me iam = Aws::IAM::Client.new user_name = 'my-user'

puts 'Attempting to create an access key...' create_access_key(iam, user_name)end

run_me if $PROGRAM_NAME == __FILE__

Adding a Managed Policy to an IAM UserThe following example adds the managed policy AmazonS3FullAccess to the IAM usermy_groovy_user in the us-west-2 region.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-iam'

# Attaches a policy to a user in AWS Identity and Access Management (IAM).## Prerequisites:# - The user in IAM.## @param iam [Aws::IAM::Client] An initialized IAM client.# @param user_name [String] The name of the user.# @param policy_arn [String] The Amazon Resource Name (ARN) of the policy.# @return [Boolean] true if the policy was attached; otherwise, false.# @example# exit 1 unless alias_created?(# Aws::IAM::Client.new,# 'my-user',# 'arn:aws:iam::aws:policy/AmazonS3FullAccess'# )def policy_attached_to_user?(iam_client, user_name, policy_arn) iam_client.attach_user_policy( user_name: user_name, policy_arn: policy_arn ) return truerescue StandardError => e puts "Error attaching policy to user: #{e.message}" return falseend

# Full example call:def run_me user_name = 'my-user' arn_prefix = 'arn:aws:iam::aws:policy/' policy_arn = arn_prefix + 'AmazonS3FullAccess' iam_client = Aws::IAM::Client.new

115

Page 121: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating an IAM Role

puts "Attempting to attach policy with ARN '#{policy_arn}' to " \ "user '#{user_name}'..."

if policy_attached_to_user?(iam_client, user_name, policy_arn) puts 'Policy attached.' else puts 'Policy not attached.' endend

run_me if $PROGRAM_NAME == __FILE__

Creating an IAM RoleThe following example creates the role my_groovy_role so that Amazon EC2 can access Amazon S3and Amazon DynamoDB in the us-west-2 region.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-iam'

# Creates a role in AWS Access and Identity Management (IAM).## @param iam_client [Aws::IAM::Client] An initialized IAM client.# @param role_name [String] A name for the role.# @param assume_role_policy_document [String]# @param policy_arns [Array] An array of type String representing# Amazon Resource Names (ARNs) corresponding to available# IAM managed policies.# @return [String] The ARN of the new role; otherwise, the string 'Error'.# @example# puts create_role(# Aws::IAM::Client.new,# 'my-ec2-s3-dynamodb-full-access-role',# {# Version: '2012-10-17',# Statement: [# {# Effect: 'Allow',# Principal: {# Service: 'ec2.amazonaws.com'# },# Action: 'sts:AssumeRole'# }# ]# },# [# 'arn:aws:iam::aws:policy/AmazonS3FullAccess',# 'arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess'# ]# )def create_role( iam_client, role_name, assume_role_policy_document, policy_arns) iam_client.create_role( role_name: role_name, assume_role_policy_document: assume_role_policy_document.to_json ) policy_arns.each do |policy_arn|

116

Page 122: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideManaging IAM Users

iam_client.attach_role_policy( policy_arn: policy_arn, role_name: role_name, ) end return iam_client.get_role(role_name: role_name).role.arnrescue StandardError => e puts "Error creating role: #{e.message}" return 'Error'end

# Full example call:def run_me role_name = 'my-ec2-s3-dynamodb-full-access-role'

# Allow the role to trust Amazon Elastic Compute Cloud (Amazon EC2) # within the AWS account. assume_role_policy_document = { Version: '2012-10-17', Statement: [ { Effect: 'Allow', Principal: { Service: 'ec2.amazonaws.com' }, Action: 'sts:AssumeRole' } ] }

# Allow the role to take all actions within # Amazon Simple Storage Service (Amazon S3) # and Amazon DynamoDB across the AWS account. policy_arns = [ 'arn:aws:iam::aws:policy/AmazonS3FullAccess', 'arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess' ]

iam_client = Aws::IAM::Client.new

puts "Attempting to create the role named '#{role_name}'..."

role_arn = create_role( iam_client, role_name, assume_role_policy_document, policy_arns )

if role_arn == 'Error' puts 'Could not create role.' else puts "Role created with ARN '#{role_arn}'." endend

run_me if $PROGRAM_NAME == __FILE__

Managing IAM UsersAn IAM user represents a person or service that interacts with AWS. For more information about IAMusers, see IAM Users.

In this example, you use the AWS SDK for Ruby with IAM to:

117

https://docs.amazonaws.cn/IAM/latest/UserGuide/id_users.html
Page 123: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideManaging IAM Users

1. Get information about available AWS IAM users by using Aws::IAM::Client#list_users.

2. Create a user by using Aws::IAM::Client#create_user.

3. Update the user’s name by using Aws::IAM::Client#update_user.

4. Delete the user by using Aws::IAM::Client#delete_user.

PrerequisitesBefore running the example code, you need to install and configure the AWS SDK for Ruby, as describedin:

• Installing the AWS SDK for Ruby (p. 4)

• Configuring the AWS SDK for Ruby (p. 8)

Example

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

# The following code example shows how to to:# 1. Get a list of user names in AWS Identity and Access Management (IAM).# 2. Create a user.# 3. Update the user's name.# 4. Delete the user.

require 'aws-sdk-iam'

# Gets a list of available user names in# AWS Identity and Access Management (IAM).## @param iam_client [Aws::IAM::Client] An initialized IAM client.# @example# list_user_names(Aws::IAM::Client.new)def list_user_names(iam_client) response = iam_client.list_users if response.key?('users') && response.users.count.positive? response.users.each do |user| puts user.user_name end else puts 'No users found.' endrescue StandardError => e puts "Error listing user names: #{e.message}"end

# Creates a user in AWS Identity and Access Management (IAM).## @param iam_client [Aws::IAM::Client] An initialized IAM client.# @param user_name [String] The name of the new user.# @return [Boolean] true if the user was created; otherwise, false.# @example# exit 1 unless user_created?(Aws::IAM::Client.new, 'my-user')def user_created?(iam_client, user_name) iam_client.create_user(user_name: user_name) return truerescue Aws::IAM::Errors::EntityAlreadyExists puts "Error creating user: user '#{user_name}' already exists." return falserescue StandardError => e

118

https://docs.amazonaws.cn/sdkforruby/api/Aws/IAM/Client.html#list_users-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/IAM/Client.html#create_user-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/IAM/Client.html#update_user-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/IAM/Client.html#delete_user-instance_method
Page 124: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideManaging IAM Users

puts "Error creating user: #{e.message}" return falseend

# Changes the name of a user in AWS Identity and Access Management (IAM).## Prerequisites:# - The user in IAM.## @param iam_client [Aws::IAM::Client] An initialized IAM client.# @param user_current_name [String] The current name of the user.# @param user_new_name [String] The new name for the user.# @return [Boolean] true if the name of the user was changed;# otherwise, false.# @example# exit 1 unless user_name_changed?(# Aws::IAM::Client.new,# 'my-user',# 'my-changed-user'# )def user_name_changed?(iam_client, user_current_name, user_new_name) iam_client.update_user( user_name: user_current_name, new_user_name: user_new_name ) return truerescue StandardError => e puts "Error updating user name: #{e.message}" return falseend

# Deletes a user in AWS Identity and Access Management (IAM).## Prerequisites:# - The user in IAM.## @param iam_client [Aws::IAM::Client] An initialized IAM client.# @param user_name [String] The name of the user.# @return [Boolean] true if the user was deleted; otherwise, false.# @example# exit 1 unless user_deleted?(Aws::IAM::Client.new, 'my-user')def user_deleted?(iam_client, user_name) iam_client.delete_user(user_name: user_name) return truerescue StandardError => e puts "Error deleting user: #{e.message}" return falseend

# Full example call:def run_me user_name = 'my-user' user_changed_name = 'my-changed-user' delete_user = true iam_client = Aws::IAM::Client.new

puts "Initial user names are:\n\n" list_user_names(iam_client)

puts "\nAttempting to create user '#{user_name}'..."

if user_created?(iam_client, user_name) puts 'User created.' else puts 'Could not create user. Stopping program.' exit 1

119

Page 125: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideWorking with IAM Policies

end

puts "User names now are:\n\n" list_user_names(iam_client)

puts "\nAttempting to change the name of the user '#{user_name}' " \ "to '#{user_changed_name}'..."

if user_name_changed?(iam_client, user_name, user_changed_name) puts 'User name changed.' puts "User names now are:\n\n" list_user_names(iam_client)

if delete_user # Delete user with changed name. puts "\nAttempting to delete user '#{user_changed_name}'..."

if user_deleted?(iam_client, user_changed_name) puts 'User deleted.' else puts 'Could not delete user. You must delete the user yourself.' end

puts "User names now are:\n\n" list_user_names(iam_client) end else puts 'Could not change user name.' puts "User names now are:\n\n" list_user_names(iam_client)

if delete_user # Delete user with initial name. puts "\nAttempting to delete user '#{user_name}'..."

if user_deleted?(iam_client, user_name) puts 'User deleted.' else puts 'Could not delete user. You must delete the user yourself.' end

puts "User names now are:\n\n" list_user_names(iam_client) end endend

run_me if $PROGRAM_NAME == __FILE__

Working with IAM PoliciesAn IAM policy is a document that specifies one or more permissions. For more information about IAMpolicies, see Overview of IAM Policies.

In this example, you use the AWS SDK for Ruby with IAM to:

1. Create a policy, using Aws::IAM::Client#create_policy.

2. Get information about the policy, using Aws::IAM::Client#get_policy.

3. Attach the policy to a role, using Aws::IAM::Client#attach_role_policy.

4. List policies attached to the role, using Aws::IAM::Client#list_attached_role_policies.

5. Detach the policy from the role, using Aws::IAM::Client#detach_role_policy.

120

https://docs.amazonaws.cn/IAM/latest/UserGuide/access_policies.html
https://docs.amazonaws.cn/sdkforruby/api/Aws/IAM/Client.html#create_policy-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/IAM/Client.html#get_policy-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/IAM/Client.html#attach_role_policy-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/IAM/Client.html#list_attached_role_policies-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/IAM/Client.html#detach_role_policy-instance_method
Page 126: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideWorking with IAM Policies

PrerequisitesBefore running the example code, you need to install and configure the AWS SDK for Ruby, as describedin:

• Installing the AWS SDK for Ruby (p. 4)• Configuring the AWS SDK for Ruby (p. 8)

You will also need to create the role (my-role) specified in the script. You can do this in the IAM console.

Example

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

# The following code example shows how to:# 1. Create a policy in AWS Identity and Access Management (IAM).# 2. Attach the policy to a role.# 3. List the policies that are attached to the role.# 4. Detach the policy from the role.

require 'aws-sdk-iam'

# Creates a policy in AWS Identity and Access Management (IAM).## @param iam_client [Aws::IAM::Client] An initialized IAM client.# @param policy_name [String] A name for the policy.# @param policy_document [Hash] The policy definition.# @return [String] The new policy's Amazon Resource Name (ARN);# otherwise, the string 'Error'.# @example# puts create_policy(# Aws::IAM::Client.new,# 'my-policy',# {# 'Version': '2012-10-17',# 'Statement': [# {# 'Effect': 'Allow',# 'Action': 's3:ListAllMyBuckets',# 'Resource': 'arn:aws:s3:::*'# }# ]# }# )def create_policy(iam_client, policy_name, policy_document) response = iam_client.create_policy( policy_name: policy_name, policy_document: policy_document.to_json ) return response.policy.arnrescue StandardError => e puts "Error creating policy: #{e.message}" return 'Error'end

# Attaches a policy to a role in AWS Identity and Access Management (IAM).## Prerequisites:# - An existing role.## @param iam_client [Aws::IAM::Client] An initialized IAM client.

121

Page 127: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideWorking with IAM Policies

# @param role_name [String] The name of the role to attach the policy to.# @param policy_arn [String] The policy's Amazon Resource Name (ARN).# @return [Boolean] True if the policy was attached to the role;# otherwise, false.# @example# exit 1 unless policy_attached_to_role?(# Aws::IAM::Client.new,# 'my-role',# 'arn:aws:iam::111111111111:policy/my-policy'# )def policy_attached_to_role?(iam_client, role_name, policy_arn) iam_client.attach_role_policy(role_name: role_name, policy_arn: policy_arn) return truerescue StandardError => e puts "Error attaching policy to role: #{e.message}" return falseend

# Displays a list of policy Amazon Resource Names (ARNs) that are attached to a# role in AWS Identity and Access Management (IAM).## Prerequisites:# - An existing role.## @param iam_client [Aws::IAM::Client] An initialized IAM client.# @param role_name [String] The name of the role.# @example# list_policy_arns_attached_to_role(Aws::IAM::Client.new, 'my-role')def list_policy_arns_attached_to_role(iam_client, role_name) response = iam_client.list_attached_role_policies(role_name: role_name) if response.key?('attached_policies') && response.attached_policies.count.positive? response.attached_policies.each do |attached_policy| puts " #{attached_policy.policy_arn}" end else puts 'No policies attached to role.' endrescue StandardError => e puts "Error checking for policies attached to role: #{e.message}"end

# Detaches a policy from a role in AWS Identity and Access Management (IAM).## Prerequisites:# - An existing role with an attached policy.## @param iam_client [Aws::IAM::Client] An initialized IAM client.# @param role_name [String] The name of the role to detach the policy from.# @param policy_arn [String] The policy's Amazon Resource Name (ARN).# @return [Boolean] True if the policy was detached from the role;# otherwise, false.# @example# exit 1 unless policy_detached_from_role?(# Aws::IAM::Client.new,# 'my-role',# 'arn:aws:iam::111111111111:policy/my-policy'# )def policy_detached_from_role?(iam_client, role_name, policy_arn) iam_client.detach_role_policy(role_name: role_name, policy_arn: policy_arn) return truerescue StandardError => e puts "Error detaching policy from role: #{e.message}" return falseend

# Full example call:

122

Page 128: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideManaging IAM Access Keys

def run_me role_name = 'my-role' policy_name = 'my-policy'

# Allows the caller to get a list of all buckets in # Amazon Simple Storage Service (Amazon S3) that are owned by the caller. policy_document = { 'Version': '2012-10-17', 'Statement': [ { 'Effect': 'Allow', 'Action': 's3:ListAllMyBuckets', 'Resource': 'arn:aws:s3:::*' } ] }

detach_policy_from_role = true iam_client = Aws::IAM::Client.new

puts "Attempting to create policy '#{policy_name}'..." policy_arn = create_policy(iam_client, policy_name, policy_document)

if policy_arn == 'Error' puts 'Could not create policy. Stopping program.' exit 1 else puts 'Policy created.' end

puts "Attempting to attach policy '#{policy_name}' " \ "to role '#{role_name}'..."

if policy_attached_to_role?(iam_client, role_name, policy_arn) puts 'Policy attached.' else puts 'Could not attach policy to role.' detach_policy_from_role = false end

puts "Policy ARNs attached to role '#{role_name}':" list_policy_arns_attached_to_role(iam_client, role_name)

if detach_policy_from_role puts "Attempting to detach policy '#{policy_name}' " \ "from role '#{role_name}'..."

if policy_detached_from_role?(iam_client, role_name, policy_arn) puts 'Policy detached.' else puts 'Could not detach policy from role. You must detach it yourself.' end

endend

run_me if $PROGRAM_NAME == __FILE__

Managing IAM Access KeysUsers need their own access keys to make programmatic calls to AWS from the AWS SDK for Ruby. To fillthis need, you can create, modify, view, or rotate access keys (access key IDs and secret access keys) for

123

Page 129: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideManaging IAM Access Keys

IAM users. By default, when you create an access key, its status is Active. This means the user can use theaccess key for API calls. For more information about access keys, see Managing Access Keys for IAM Users.

In this example, you use the AWS SDK for Ruby with IAM to:

1. List AWS IAM user access keys, using Aws::IAM::Client#list_access_keys.2. Create an access key, using Aws::IAM::Client#create_access_key.3. Determine when access keys were last used, using Aws::IAM::Client#get_access_key_last_used.4. Deactivate access keys, using Aws::IAM::Client#update_access_key.5. Delete the access key, using Aws::IAM::Client#delete_access_key.

PrerequisitesBefore running the example code, you need to install and configure the AWS SDK for Ruby, as describedin:

• Installing the AWS SDK for Ruby (p. 4)• Configuring the AWS SDK for Ruby (p. 8)

You will also need to create the user (my-user) specified in the script. You can create a new IAM user inthe IAM console or programmatically, as shown at Adding a New IAM User (p. 113).

Example

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

# This code example demonstrates how to:# 1. List access keys for a user in AWS Identity and Access Management (IAM).# 2. Create an access key for a user.# 3. Determine when a user's access keys were last used.# 4. Deactivate an access key for a user.# 5. Delete an access key for a user.

require 'aws-sdk-iam'

# Lists information about access keys for a user in# AWS Identity and Access Management (IAM).## Prerequisites:# - The user in IAM.## @param iam [Aws::IAM::Client] An initialized IAM client.# @param user_name [String] The name of the user.# @example# puts list_access_keys(Aws::IAM::Client.new, 'my-user')def list_access_keys(iam, user_name) response = iam.list_access_keys(user_name: user_name)

if response.access_key_metadata.count.positive? puts 'Access key IDs:' response.access_key_metadata.each do |key_metadata| puts " #{key_metadata.access_key_id}" end else puts "No access keys found for user '#{user_name}'." endrescue Aws::IAM::Errors::NoSuchEntity puts "Error listing access keys: cannot find user '#{user_name}'."

124

https://docs.amazonaws.cn/IAM/latest/UserGuide/id_credentials_access-keys.html
https://docs.amazonaws.cn/sdkforruby/api/Aws/IAM/Client.html#list_access_keys-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/IAM/Client.html#create_access_key-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/IAM/Client.html#get_access_key_last_used-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/IAM/Client.html#update_access_key-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/IAM/Client.html#delete_access_key-instance_method
Page 130: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideManaging IAM Access Keys

exit 1rescue StandardError => e puts "Error listing access keys: #{e.message}"end

# Creates an access key for a user in AWS Identity and Access Management (IAM).## Prerequisites:# - The user in IAM.## @param iam [Aws::IAM::Client] An initialized IAM client.# @param user_name [String] The name of the user.# @return [Aws::IAM::Types::AccessKey] Information about the new access key;# otherwise, the string 'Error'.# @example# puts create_access_key(Aws::IAM::Client.new, 'my-user')def create_access_key(iam, user_name) response = iam.create_access_key(user_name: user_name) access_key = response.access_key puts 'Access key created:' puts " Access key ID: #{access_key.access_key_id}" puts " Secret access key: #{access_key.secret_access_key}" puts 'Keep a record of this information in a secure location. ' \ 'This will be the only time you will be able to view the ' \ 'secret access key.' return access_keyrescue Aws::IAM::Errors::LimitExceeded puts 'Error creating access key: limit exceeded. Cannot create any more. ' \ 'To create more, delete an existing access key, and then try again.' return 'Error'rescue StandardError => e puts "Error creating access key: #{e.message}" return 'Error'end

# Lists information about when access keys for a user in# AWS Identity and Access Management (IAM) were last used.## Prerequisites:# - The user in IAM.## @param iam [Aws::IAM::Client] An initialized IAM client.# @param user_name [String] The name of the user.# @example# puts access_keys_last_used(Aws::IAM::Client.new, 'my-user')def access_keys_last_used(iam, user_name) response = iam.list_access_keys(user_name: user_name)

response.access_key_metadata.each do |key_metadata| last_used = iam.get_access_key_last_used(access_key_id: key_metadata.access_key_id) if last_used.access_key_last_used.last_used_date.nil? puts " Key '#{key_metadata.access_key_id}' not used or date undetermined." else puts " Key '#{key_metadata.access_key_id}' last used on " \ "#{last_used.access_key_last_used.last_used_date}" end endrescue StandardError => e puts "Error determining when access keys were last used: #{e.message}"end

# Deactivates an access key in AWS Identity and Access Management (IAM).## Prerequisites:# - A user in IAM.# - An access key for that user.

125

Page 131: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideManaging IAM Access Keys

## @param iam [Aws::IAM::Client] An initialized IAM client.# @param user_name [String] The name of the user.# @param access_key_id [String] The ID of the access key.# @return [Boolean] true if the access key was deactivated;# otherwise, false.# @example# exit 1 unless access_key_deactivated?(# Aws::IAM::Client.new,# 'my-user',# 'AKIAIOSFODNN7EXAMPLE'# )def access_key_deactivated?(iam, user_name, access_key_id) iam.update_access_key( user_name: user_name, access_key_id: access_key_id, status: 'Inactive' ) return truerescue StandardError => e puts "Error deactivating access key: #{e.message}" return falseend

# Deletes an access key in AWS Identity and Access Management (IAM).## Prerequisites:# - A user in IAM.# - An access key for that user.## @param iam [Aws::IAM::Client] An initialized IAM client.# @param user_name [String] The name of the user.# @param access_key_id [String] The ID of the access key.# @return [Boolean] true if the access key was deleted;# otherwise, false.# @example# exit 1 unless access_key_deleted?(# Aws::IAM::Client.new,# 'my-user',# 'AKIAIOSFODNN7EXAMPLE'# )def access_key_deleted?(iam, user_name, access_key_id) iam.delete_access_key( user_name: user_name, access_key_id: access_key_id ) return truerescue StandardError => e puts "Error deleting access key: #{e.message}" return falseend

# Full example call:def run_me iam = Aws::IAM::Client.new user_name = 'my-user' create_key = true # Set to false to not create a new access key. delete_key = true # Set to false to not delete any generated access key.

puts "Access keys for user '#{user_name}' before attempting to create an " \ 'additional access key for the user:' list_access_keys(iam, user_name)

access_key = ''

if create_key

126

Page 132: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideWorking with IAM Server Certificates

puts 'Attempting to create an additional access key...' access_key = create_access_key(iam, user_name)

if access_key == 'Error' puts 'Additional access key not created. Stopping program.' exit 1 end

puts 'Additional access key created. Access keys for user now are:' list_access_keys(iam, user_name) end

puts 'Determining when current access keys were last used...' access_keys_last_used(iam, user_name)

if create_key && delete_key puts 'Attempting to deactivate additional access key...'

if access_key_deactivated?(iam, user_name, access_key.access_key_id) puts 'Access key deactivated. Access keys for user now are:' list_access_keys(iam, user_name) else puts 'Access key not deactivated. Stopping program.' puts 'You will need to delete the access key yourself.' end

puts 'Attempting to delete additional access key...'

if access_key_deleted?(iam, user_name, access_key.access_key_id) puts 'Access key deleted. Access keys for user now are:' list_access_keys(iam, user_name) else puts 'Access key not deleted. You will need to delete the ' \ 'access key yourself.' end endend

run_me if $PROGRAM_NAME == __FILE__

Working with IAM Server CertificatesTo enable HTTPS connections to your website or application on AWS, you need an SSL/TLS servercertificate. To use a certificate that you obtained from an external provider with your website orapplication on AWS, you must upload the certificate to IAM or import it into AWS Certificate Manager.For more information about server certificates, see Working with Server Certificates.

In this example, you use the AWS SDK for Ruby with IAM to:

1. Update a server certificate, using Aws::IAM::Client#update_server_certificate.2. Delete the server certificate, using Aws::IAM::Client#delete_server_certificate.3. List information about any remaining server certificates, using

Aws::IAM::Client#list_server_certificates.

PrerequisitesBefore running the example code, you need to install and configure the AWS SDK for Ruby, as describedin:

• Installing the AWS SDK for Ruby (p. 4)

127

https://docs.amazonaws.cn/IAM/latest/UserGuide/id_credentials_server-certs.html
https://docs.amazonaws.cn/sdkforruby/api/Aws/IAM/Client.html#update_server_certificate-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/IAM/Client.html#delete_server_certificate-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/IAM/Client.html#list_server_certificates-instance_method
Page 133: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideWorking with IAM Server Certificates

• Configuring the AWS SDK for Ruby (p. 8)

NoteThe server certificate must already exist, or the script will throw anAws::IAM::Errors::NoSuchEntity error.

Example

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

# The following code example shows how to:# 1. Update a server certificate in AWS Identity and Access Management (IAM).# 2. List the names of available server certificates.# 3. Delete a server certificate.

require 'aws-sdk-iam'

# Gets a list of available server certificate names in# AWS Identity and Access Management (IAM).## @param iam_client [Aws::IAM::Client] An initialized IAM client.# @example# list_server_certificate_names(Aws::IAM::Client.new)def list_server_certificate_names(iam_client) response = iam_client.list_server_certificates

if response.key?('server_certificate_metadata_list') && response.server_certificate_metadata_list.count.positive?

response.server_certificate_metadata_list.each do |certificate_metadata| puts certificate_metadata.server_certificate_name end else puts 'No server certificates found. Stopping program.' exit 1 endrescue StandardError => e puts "Error getting server certificate names: #{e.message}"end

# Changes the name of a server certificate in# AWS Identity and Access Management (IAM).## Prerequisites:## - The server certificate in IAM.## @param iam_client [Aws::IAM::Client] An initialized IAM client.# @param server_certificate_current_name [String] The current name of# the server certificate.# @param server_certificate_new_name [String] The new name for the# the server certificate.# @return [Boolean] true if the name of the server certificate# was changed; otherwise, false.# @example# exit 1 unless server_certificate_name_changed?(# Aws::IAM::Client.new,# 'my-server-certificate',# 'my-changed-server-certificate'# )def server_certificate_name_changed?( iam_client,

128

Page 134: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideWorking with IAM Server Certificates

server_certificate_current_name, server_certificate_new_name) iam_client.update_server_certificate( server_certificate_name: server_certificate_current_name, new_server_certificate_name: server_certificate_new_name ) return truerescue StandardError => e puts "Error updating server certificate name: #{e.message}" return falseend

# Deletes a server certificate in# AWS Identity and Access Management (IAM).## Prerequisites:## - The server certificate in IAM.## @param iam_client [Aws::IAM::Client] An initialized IAM client.# @param server_certificate_name [String] The name of the server certificate.# @return [Boolean] true if the server certificate was deleted;# otherwise, false.# @example# exit 1 unless server certificate_deleted?(# Aws::IAM::Client.new,# 'my-server-certificate'# )def server_certificate_deleted?(iam_client, server_certificate_name) iam_client.delete_server_certificate( server_certificate_name: server_certificate_name ) return truerescue StandardError => e puts "Error deleting server certificate: #{e.message}" return falseend

# Full example call:def run_me server_certificate_name = 'my-server-certificate' server_certificate_changed_name = 'my-changed-server-certificate' delete_server_certificate = true iam_client = Aws::IAM::Client.new

puts "Initial server certificate names are:\n\n" list_server_certificate_names(iam_client)

puts "\nAttempting to change name of server certificate " \ " '#{server_certificate_name}' " \ "to '#{server_certificate_changed_name}'..."

if server_certificate_name_changed?( iam_client, server_certificate_name, server_certificate_changed_name ) puts 'Server certificate name changed.' puts "Server certificate names now are:\n\n" list_server_certificate_names(iam_client)

if delete_server_certificate # Delete server certificate with changed name. puts "\nAttempting to delete server certificate " \ "'#{server_certificate_changed_name}'..."

129

Page 135: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideManaging IAM Account Aliases

if server_certificate_deleted?(iam_client, server_certificate_changed_name) puts 'Server certificate deleted.' else puts 'Could not delete server certificate. You must delete it yourself.' end

puts "Server certificate names now are:\n\n" list_server_certificate_names(iam_client) end else puts 'Could not change server certificate name.' puts "Server certificate names now are:\n\n" list_server_certificate_names(iam_client)

if delete_server_certificate # Delete server certificate with initial name. puts "\nAttempting to delete server certificate '#{server_certificate_name}'..."

if server_certificate_deleted?(iam_client, server_certificate_name) puts 'Server certificate deleted.' else puts 'Could not delete server certificate. You must delete it yourself.' end

puts "Server certificate names now are:\n\n" list_server_certificate_names(iam_client) end endend

run_me if $PROGRAM_NAME == __FILE__

Managing IAM Account AliasesIf you want the URL for your sign-in page to contain your company name or other friendly identifierinstead of your AWS account ID, you can create an IAM account alias for your AWS account ID. Ifyou create an IAM account alias, your sign-in page URL changes to incorporate the alias. For moreinformation about IAM account aliases, see Your AWS Account ID and Its Alias.

In this example, you use the AWS SDK for Ruby with IAM to:

1. List AWS account aliases, using Aws::IAM::Client#list_account_aliases.

2. Create an account alias, using Aws::IAM::Client#create_account_alias.

3. Delete the account alias, using Aws::IAM::Client#delete_account_alias.

Prerequisites

Before running the example code, you need to install and configure the AWS SDK for Ruby, as describedin:

• Installing the AWS SDK for Ruby (p. 4)

• Configuring the AWS SDK for Ruby (p. 8)

In the example code, change the my-account-alias string to something that will be unique across allAmazon Web Services products.

130

https://docs.amazonaws.cn/IAM/latest/UserGuide/console_account-alias.html
https://docs.amazonaws.cn/sdkforruby/api/Aws/IAM/Client.html#list_account_aliases-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/IAM/Client.html#create_account_alias-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/IAM/Client.html#delete_account_alias-instance_method
Page 136: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideManaging IAM Account Aliases

Example

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

# The following code example shows how to:# 1. List available AWS account aliases.# 2. Create an account alias.# 3. Delete an account alias.

require 'aws-sdk-iam'

# Lists available AWS account aliases.## @param iam [Aws::IAM::Client] An initialized IAM client.# @example# puts list_aliases(Aws::IAM::Client.new)def list_aliases(iam) response = iam.list_account_aliases

if response.account_aliases.count.positive? response.account_aliases.each do |account_alias| puts " #{account_alias}" end else puts 'No account aliases found.' endrescue StandardError => e puts "Error listing account aliases: #{e.message}"end

# Creates an AWS account alias.## @param iam [Aws::IAM::Client] An initialized IAM client.# @param account_alias [String] The name of the account alias to create.# @return [Boolean] true if the account alias was created; otherwise, false.# @example# exit 1 unless alias_created?(Aws::IAM::Client.new, 'my-account-alias')def alias_created?(iam, account_alias) iam.create_account_alias(account_alias: account_alias) return truerescue StandardError => e puts "Error creating account alias: #{e.message}" return falseend

# Deletes an AWS account alias.## @param iam [Aws::IAM::Client] An initialized IAM client.# @param account_alias [String] The name of the account alias to delete.# @return [Boolean] true if the account alias was deleted; otherwise, false.# @example# exit 1 unless alias_deleted?(Aws::IAM::Client.new, 'my-account-alias')def alias_deleted?(iam, account_alias) iam.delete_account_alias(account_alias: account_alias) return truerescue StandardError => e puts "Error deleting account alias: #{e.message}" return falseend

# Full example call:def run_me iam = Aws::IAM::Client.new

131

Page 137: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideAWS KMS Examples

account_alias = 'my-account-alias' create_alias = true # Change to false to not generate an account alias. delete_alias = true # Change to false to not delete any generated account alias.

puts 'Account aliases are:' list_aliases(iam)

if create_alias puts 'Attempting to create account alias...' if alias_created?(iam, account_alias) puts 'Account alias created. Account aliases now are:' list_aliases(iam) else puts 'Account alias not created. Stopping program.' exit 1 end end

if create_alias && delete_alias puts 'Attempting to delete account alias...' if alias_deleted?(iam, account_alias) puts 'Account alias deleted. Account aliases now are:' list_aliases(iam) else puts 'Account alias not deleted. You will need to delete ' \ 'the alias yourself.' end endend

run_me if $PROGRAM_NAME == __FILE__

AWS Key Management Service Examples Using theAWS SDK for Ruby

AWS Key Management Service (AWS KMS) is an encryption and key management service scaled for thecloud. You can use the following examples to access AWS KMS using the AWS SDK for Ruby. For moreinformation about AWS KMS, see the Amazon KMS documentation. For reference information about theAWS KMS client, see Aws::KMS::Client.

Topics• Creating a CMK in AWS KMS (p. 132)• Encrypting Data in AWS KMS (p. 133)• Decrypting a Data Blob in AWS KMS (p. 134)• Re-encrypting a Data Blob in AWS KMS (p. 134)

Creating a CMK in AWS KMSThe following example uses the AWS SDK for Rubycreate_key method, which implements the CreateKeyoperation to create a customer master key (CMK). Because the example only encrypts a small amountof data, a CMK is fine for our purposes. For larger amounts of data, use the CMK to encrypt a dataencryption key (DEK).

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.#

132

http://www.amazonaws.cn/documentation/kms/
https://docs.amazonaws.cn/sdk-for-ruby/v3/api//Aws/KMS/Client.html
https://docs.amazonaws.cn/sdk-for-ruby/v3/api/Aws/KMS/Client.html#create_key-instance_method
https://docs.amazonaws.cn/kms/latest/APIReference/API_CreateKey.html
Page 138: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideEncrypting Data in AWS KMS

# This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-kms' # v2: require 'aws-sdk'

# Create a customer master key (CMK).# As long we are only encrypting small amounts of data (4 KiB or less) directly,# a CMK is fine for our purposes.# For larger amounts of data,# use the CMK to encrypt a data encryption key (DEK).

client = Aws::KMS::Client.new

resp = client.create_key({ tags: [ { tag_key: 'CreatedBy', tag_value: 'ExampleUser' }, ],})

puts resp.key_metadata.key_id

Choose Copy to save the code locally. See the complete example on GitHub.

Encrypting Data in AWS KMSThe following example uses the AWS SDK for Rubyencrypt method, which implements the Encryptoperation, to encrypt the string “1234567890”. The example displays a readable version of the resultingencrypted blob.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-kms' # v2: require 'aws-sdk'

# ARN of the customer master key (CMK).## Replace the fictitious key ARN with a valid key ID

keyId = 'arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab'

text = '1234567890'

client = Aws::KMS::Client.new(region: 'us-west-2')

133

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/kms/aws-ruby-sdk-kms-example-create-key.rb
https://docs.amazonaws.cn/sdk-for-ruby/v3/api/Aws/KMS/Client.html#encrypt-instance_method
https://docs.amazonaws.cn/kms/latest/APIReference/API_Encrypt.html
https://docs.amazonaws.cn/kms/latest/APIReference/API_Encrypt.html
Page 139: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideDecrypting a Data Blob in AWS KMS

resp = client.encrypt({ key_id: keyId, plaintext: text,})

puts 'Blob:'puts resp.ciphertext_blob.unpack('H*')

Choose Copy to save the code locally. See the complete example on GitHub.

Decrypting a Data Blob in AWS KMSThe following example uses the AWS SDK for Rubydecrypt method, which implements the Decryptoperation, to decrypt the provided string and emit the result.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-kms' # v2: require 'aws-sdk'

# Decrypted blob

blob = '01020200785d68faeec386af1057904926253051eb2919d3c16078badf65b808b26dd057c101747cadf3593596e093d4ffbf22434a6d00000068306606092a864886f70d010706a0593057020100305206092a864886f70d010701301e060960864801650304012e3011040c9d629e573683972cdb7d94b30201108025b20b060591b02ca0deb0fbdfc2f86c8bfcb265947739851ad56f3adce91eba87c59691a9a1'blob_packed = [blob].pack("H*")

client = Aws::KMS::Client.new(region: 'us-west-2')

resp = client.decrypt({ ciphertext_blob: blob_packed})

puts 'Raw text: 'puts resp.plaintext

Choose Copy to save the code locally. See the complete example on GitHub.

Re-encrypting a Data Blob in AWS KMSThe following example uses the AWS SDK for Rubyre_encrypt method, which implements the ReEncryptoperation, to decrypt encrypted data and then immediately re-encrypt data under a new customermaster key (CMK). The operations are performed entirely on the server side within AWS KMS, so theynever expose your plaintext outside of AWS KMS. The example displays a readable version of theresulting re-encrypted blob.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/

134

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/kms/aws-ruby-sdk-kms-example-encrypt-data.rb
https://docs.amazonaws.cn/sdk-for-ruby/v3/api/Aws/KMS/Client.html#decrypt-instance_method
https://docs.amazonaws.cn/kms/latest/APIReference/API_Decrypt.html
https://docs.amazonaws.cn/kms/latest/APIReference/API_Decrypt.html
https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/kms/aws-ruby-sdk-kms-example-decrypt-blob.rb
https://docs.amazonaws.cn/sdk-for-ruby/v3/api/Aws/KMS/Client.html#re_encrypt-instance_method
https://docs.amazonaws.cn/kms/latest/APIReference/API_ReEncrypt.html
Page 140: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideAWS Lambda Examples

## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-kms' # v2: require 'aws-sdk'

# Human-readable version of the ciphertext of the data to reencrypt.

blob = '01020200785d68faeec386af1057904926253051eb2919d3c16078badf65b808b26dd057c101747cadf3593596e093d4ffbf22434a6d00000068306606092a864886f70d010706a0593057020100305206092a864886f70d010701301e060960864801650304012e3011040c9d629e573683972cdb7d94b30201108025b20b060591b02ca0deb0fbdfc2f86c8bfcb265947739851ad56f3adce91eba87c59691a9a1'sourceCiphertextBlob = [blob].pack("H*")

# Replace the fictitious key ARN with a valid key ID

destinationKeyId = 'arn:aws:kms:us-west-2:111122223333:key/0987dcba-09fe-87dc-65ba-ab0987654321'

client = Aws::KMS::Client.new(region: 'us-west-2')

resp = client.re_encrypt({ ciphertext_blob: sourceCiphertextBlob, destination_key_id: destinationKeyId})

puts 'Blob:'puts resp.ciphertext_blob.unpack('H*')

Choose Copy to save the code locally. See the complete example on GitHub.

AWS Lambda Examples Using the AWS SDK forRuby

AWS Lambda (Lambda) is a zero-administration compute platform for backend web developers thatruns your code for you in the AWS Cloud, and provides you with a fine-grained pricing structure. You canuse the following examples to access Lambda using the AWS SDK for Ruby. For more information aboutLambda, see the AWS Lambda documentation.

Topics• Displaying Information about All Lambda Functions (p. 135)• Creating a Lambda Function (p. 136)• Running a Lambda Function (p. 137)• Configuring a Lambda Function to Receive Notifications (p. 138)

Displaying Information about All Lambda FunctionsThe following example displays the name, ARN, and role of all of your Lambda functions in the us-west-2 region.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/

135

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/kms/aws-ruby-sdk-kms-example-re-encrypt-data.rb
http://www.amazonaws.cn/documentation/lambda/
Page 141: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating a Lambda Function

## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-lambda' # v2: require 'aws-sdk'

client = Aws::Lambda::Client.new(region: 'us-west-2')

client.list_functions.functions.each do |function| puts 'Name: ' + function.function_name puts 'ARN: ' + function.function_arn puts 'Role: ' + function.role putsend

Creating a Lambda FunctionThe following example creates the Lambda function named my-notification-function in the us-west-2 region using these values:

• Role ARN: my-resource-arn. In most cases, you need to attach only the AWSLambdaExecutemanaged policy to the policy for this role.

• Function entry point: my-package.my-class• Runtime: java8• Zip file: my-zip-file.zip• Bucket: my-notification-bucket• Key: my-zip-file

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-lambda' # v2: require 'aws-sdk'

client = Aws::Lambda::Client.new(region: 'us-west-2')

args = {}args[:role] = 'my-resource-arn'args[:function_name] = 'my-notification-function'args[:handler] = 'my-package.my-class'

# Also accepts nodejs, nodejs4.3, and python2.7args[:runtime] = 'java8'

code = {}code[:zip_file] = 'my-zip-file.zip'code[:s3_bucket] = 'my-notification-bucket'code[:s3_key] = 'my-zip-file'

args[:code] = code

136

Page 142: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideRunning a Lambda Function

client.create_function(args)

Running a Lambda FunctionThe following example runs the Lambda function named MyGetitemsFunction in the us-west-2region. This function returns a list of items from a database. The input JSON looks like the following.

{ "SortBy": "name|time", "SortOrder": "ascending|descending", "Number": 50}

where:

• SortBy is the criteria for sorting the results. Our examples uses time, which means the returned itemsare sorted in the order in which they were added to the database.

• SortOrder is the order of sorting. Our example uses descending, which means the most-recent itemis last in the list.

• Number is the maximum number of items to retrieve (the default is 50). Our example uses 10, whichmeans get the 10 most-recent items.

The output JSON looks like the following, where:

• STATUS-CODE is an HTTP status code, 200 means the call was successful.• RESULT is the result of the call, either success or failure.• ERROR is an error message if result is failure, otherwise an empty string• DATA is an array of returned results if result is success, otherwise nil.

{ "statusCode": "STATUS-CODE", "body": { "result": "RESULT", "error": "ERROR", "data": "DATA" }}

The first step is to load the modules we use:

• aws-sdk loads the AWS SDK for Ruby module we use to invoke the Lambda function.• json loads the JSON module we use to marshall and unmarshall the request and response payloads.• os loads the OS module we use to ensure we can run our Ruby application on Microsoft Windows. If

you are on a different operating system, you can remove those lines.• We then create the Lambda client we use to invoke the Lambda function.• Next we create the hash for the request arguments and call MyGetItemsFunction.• Finally we parse the response, and if are successful, we print out the items.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at

137

Page 143: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideConfiguring a Lambda Function to Receive Notifications

## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-lambda' # v2: require 'aws-sdk'require 'json'

# To run on Windows:require 'os'if OS.windows? Aws.use_bundled_cert!end

client = Aws::Lambda::Client.new(region: 'us-west-2')

# Get the 10 most recent itemsreq_payload = {:SortBy => 'time', :SortOrder => 'descending', :NumberToGet => 10}payload = JSON.generate(req_payload)

resp = client.invoke({ function_name: 'MyGetItemsFunction', invocation_type: 'RequestResponse', log_type: 'None', payload: payload })

resp_payload = JSON.parse(resp.payload.string) # , symbolize_names: true)

# If the status code is 200, the call succeededif resp_payload["statusCode"] == 200 # If the result is success, we got our items if resp_payload["body"]["result"] == "success" # Print out items resp_payload["body"]["data"].each do |item| puts item end endend

See the complete example on GitHub.

Configuring a Lambda Function to ReceiveNotificationsThe following example configures the Lambda function named my-notification-function in theus-west-2 region to accept notifications from the resource with the ARN my-resource-arn.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

138

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/lambda/aws-ruby-sdk-lambda-example-run-function.rb
Page 144: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideAmazon Polly Examples

require 'aws-sdk-lambda' # v2: require 'aws-sdk'

client = Aws::Lambda::Client.new(region: 'us-west-2')

args = {}args[:function_name] = 'my-notification-function'args[:statement_id] = 'lambda_s3_notification'args[:action] = 'lambda:InvokeFunction'args[:principal] = 's3.amazonaws.com'args[:source_arn] = 'my-resource-arn'

client.add_permission(args)

Amazon Polly Examples Using the AWS SDK forRuby

Amazon Polly is a cloud service that converts text into lifelike speech. The AWS SDK for Go examplescan integrate Amazon Polly into your applications. Learn more about Amazon Polly at Amazon Pollydocumentation. The examples assume you have already set up and configured the SDK (that is, you’veimported all required packages and set your credentials and region). For more information, see Installingthe AWS SDK for Ruby (p. 4) and Configuring the AWS SDK for Ruby (p. 8).

You can download complete versions of these example files from the aws-doc-sdk-examples repositoryon GitHub.

Topics• Getting a List of Voices (p. 139)• Getting a List of Lexicons (p. 140)• Synthesizing Speech (p. 141)

Getting a List of VoicesThis example uses the describe_voices method to get the list of US English voices in the us-west-2region.

Choose Copy to save the code locally.

Create the file polly_describe_voices.rb.

Add the required gem.

NoteVersion 2 of the AWS SDK for Ruby didn’t have service-specific gems.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-polly' # In v2: require 'aws-sdk'

139

http://www.amazonaws.cn/documentation/polly/
http://www.amazonaws.cn/documentation/polly/
https://github.com/awsdocs/aws-doc-sdk-examples/tree/master/ruby/polly
https://docs.amazonaws.cn/sdkforruby/api/Aws/Polly/Client.html#describe_voices-instance_method
Page 145: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideGetting a List of Lexicons

begin # Create an Amazon Polly client using # credentials from the shared credentials file ~/.aws/credentials # and the configuration (region) from the shared configuration file ~/.aws/config polly = Aws::Polly::Client.new # Get US English voices resp = polly.describe_voices(language_code: 'en-US')

resp.voices.each do |v| puts v.name puts ' ' + v.gender puts endrescue StandardError => ex puts 'Could not get voices' puts 'Error message:' puts ex.messageend

See the complete example on GitHub.

Getting a List of LexiconsThis example uses the list_lexicons method to get the list of lexicons in the us-west-2 region.

Choose Copy to save the code locally.

Create the file polly_list_lexicons.rb.

Add the required gem.

NoteVersion 2 of the AWS SDK for Ruby didn’t have service-specific gems.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-polly' # In v2: require 'aws-sdk'

begin # Create an Amazon Polly client using # credentials from the shared credentials file ~/.aws/credentials # and the configuration (region) from the shared configuration file ~/.aws/config polly = Aws::Polly::Client.new

resp = polly.list_lexicons

resp.lexicons.each do |l| puts l.name puts ' Alphabet:' + l.attributes.alphabet puts ' Language:' + l.attributes.language puts end

140

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/polly/polly_describe_voices.rb
https://docs.amazonaws.cn/sdkforruby/api/Aws/Polly/Client.html#list_lexicons-instance_method
Page 146: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSynthesizing Speech

rescue StandardError => ex puts 'Could not get lexicons' puts 'Error message:' puts ex.messageend

See the complete example on GitHub.

Synthesizing SpeechThis example uses the synthesize_speech method to get the text from a file and produce an MP3 filecontaining the synthesized speech.

Choose Copy to save the code locally.

Create the file polly_synthesize_speech.rb.

Add the required gem.

NoteVersion 2 of the AWS SDK for Ruby didn’t have service-specific gems.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-polly' # In v2: require 'aws-sdk'

begin # Get the filename from the command line if ARGV.empty?() puts 'You must supply a filename' exit 1 end

filename = ARGV[0]

# Open file and get the contents as a string if File.exist?(filename) contents = IO.read(filename) else puts 'No such file: ' + filename exit 1 end

# Create an Amazon Polly client using # credentials from the shared credentials file ~/.aws/credentials # and the configuration (region) from the shared configuration file ~/.aws/config polly = Aws::Polly::Client.new

resp = polly.synthesize_speech({ output_format: "mp3", text: contents, voice_id: "Joanna", })

141

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/polly/polly_list_lexicons.rb
https://docs.amazonaws.cn/sdkforruby/api/Aws/Polly/Client.html#synthesize_speech-instance_method
Page 147: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideAmazon RDS Examples

# Save output # Get just the file name # abc/xyz.txt -> xyx.txt name = File.basename(filename)

# Split up name so we get just the xyz part parts = name.split('.') first_part = parts[0] mp3_file = first_part + '.mp3'

IO.copy_stream(resp.audio_stream, mp3_file)

puts 'Wrote MP3 content to: ' + mp3_filerescue StandardError => ex puts 'Got error:' puts 'Error message:' puts ex.messageend

NoteThe resulting MP3 file is in the MPEG-2 format.

See the complete example on GitHub.

Amazon RDS Examples Using the AWS SDK forRuby

Amazon Relational Database Service (Amazon RDS) is a web service that makes it easier to set up,operate, and scale a relational database in the cloud. You can use the following examples to accessAmazon RDS using the AWS SDK for Ruby. For more information about Amazon RDS, see the AmazonRelational Datbase Service documentation.

NoteSome of the following examples use methods that were introduced in the 2.2.18 version ofthe Aws::RDS::Resource class. To run those examples, you must use that version or a laterversion of the aws-sdk gem.

Topics• Getting Information about All Amazon RDS Instances (p. 142)• Getting Information about All Amazon RDS Snapshots (p. 143)• Getting Information about All Amazon RDS Clusters and Their Snapshots (p. 143)• Getting Information about All Amazon RDS Security Groups (p. 144)• Getting Information about All Amazon RDS Subnet Groups (p. 145)• Getting Information about All Amazon RDS Parameter Groups (p. 145)• Creating a Snapshot of an Amazon RDS Instance (p. 146)• Creating a Snapshot of an Amazon RDS Cluster (p. 146)

Getting Information about All Amazon RDS InstancesThe following example lists the name (ID) and status of all of your Amazon RDS instances in the us-west-2 region.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.#

142

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/polly/polly_synthesize_speech.rb
http://www.amazonaws.cn/documentation/rds/
http://www.amazonaws.cn/documentation/rds/
Page 148: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideGetting Information about All Amazon RDS Snapshots

# This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-rds' # v2: require 'aws-sdk'

rds = Aws::RDS::Resource.new(region: 'us-west-2') rds.db_instances.each do |i| puts "Name (ID): #{i.id}" puts "Status : #{i.db_instance_status}" putsend

Getting Information about All Amazon RDSSnapshotsThe following example lists the names (IDs) and status of all of your Amazon RDS (instance) snapshots inthe us-west-2 region.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-rds' # v2: require 'aws-sdk'

rds = Aws::RDS::Resource.new(region: 'us-west-2') rds.db_snapshots.each do |s| puts "Name (ID): #{s.snapshot_id}" puts "Status: #{s.status}"end

Getting Information about All Amazon RDS Clustersand Their SnapshotsThe following example lists the name (ID) and status of all of your Amazon RDS clusters and the name(ID) and status of their snapshots in the us-west-2 region.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at#

143

Page 149: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideGetting Information about AllAmazon RDS Security Groups

# http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-rds' # v2: require 'aws-sdk'

rds = Aws::RDS::Resource.new(region: 'us-west-2')

rds.db_clusters.each do |c| puts "Name (ID): #{c.id}" puts "Status: #{c.status}"

c.snapshots.each do |s| puts " Snapshot: #{s.snapshot_id}" puts " Status: #{s.status}" endend

Getting Information about All Amazon RDS SecurityGroupsThe following example lists the names of all of your Amazon RDS security groups in the us-west-2region.

NoteAmazon RDS security groups are only applicable when you are using the Amazon EC2-Classicplatform. If you are using Amazon EC2-VPC, use VPC security groups. Both are shown in theexample.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-rds' # v2: require 'aws-sdk'

rds = Aws::RDS::Resource.new(region: 'us-west-2')

rds.db_instances.each do |i| # Show any security group IDs and descriptions puts 'Security Groups:'

i.db_security_groups.each do |sg| puts sg.db_security_group_name puts ' ' + sg.db_security_group_description puts end

# Show any VPC security group IDs and their status puts 'VPC Security Groups:'

i.vpc_security_groups.each do |vsg| puts vsg.vpc_security_group_id

144

Page 150: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideGetting Information about All Amazon RDS Subnet Groups

puts ' ' + vsg.status puts endend

Getting Information about All Amazon RDS SubnetGroupsThe following example lists the name and status of all of your Amazon RDS subnet groups in the us-west-2 region.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-rds' # v2: require 'aws-sdk'

rds = Aws::RDS::Resource.new(region: 'us-west-2') rds.db_subnet_groups.each do |s| puts s.name puts ' ' + s.subnet_group_statusend

Getting Information about All Amazon RDSParameter GroupsThe following example lists the names and descriptions of all of your Amazon RDS parameter groups inthe us-west-2 region.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-rds' # v2: require 'aws-sdk'

rds = Aws::RDS::Resource.new(region: 'us-west-2') rds.db_parameter_groups.each do |p| puts p.db_parameter_group_name puts ' ' + p.descriptionend

145

Page 151: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating a Snapshot of an Amazon RDS Instance

Creating a Snapshot of an Amazon RDS InstanceThe following example creates a snapshot for the Amazon RDS instance represented by instance_name inthe us-west-2 region.

NoteIf your instance is a member of a cluster, you can’t create a snapshot of the instance. Instead,you must create a snapshot of the cluster (see Creating a Snapshot of an Amazon RDSCluster (p. 146)).

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-rds' # v2: require 'aws-sdk'

rds = Aws::RDS::Resource.new(region: 'us-west-2') instance = rds.db_instance(instance_name) date = Time.newdate_time = date.year.to_s + '-' + date.month.to_s + '-' + date.day.to_s + '-' + date.hour.to_s + '-' + date.min.to_s

id = instance_name + '-' + date_time instance.create_snapshot({db_snapshot_identifier: id})

puts "Created snapshot #{id}"

Creating a Snapshot of an Amazon RDS ClusterThe following example creates a snapshot for the Amazon RDS cluster represented by cluster_name inthe us-west-2 region.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-rds' # v2: require 'aws-sdk'

rds = Aws::RDS::Resource.new(region: 'us-west-2') cluster = rds.db_cluster(cluster_name) date = Time.new

146

Page 152: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideAmazon S3 Examples

date_time = date.year.to_s + '-' + date.month.to_s + '-' + date.day.to_s + '-' + date.hour.to_s + '-' + date.min.to_s

id = cluster_name + '-' + date_time

cluster.create_snapshot({db_cluster_snapshot_identifier: id})

puts "Created cluster snapshot #{id}"

Amazon S3 Examples Using the AWS SDK for RubyAmazon Simple Storage Service (Amazon S3) is storage for the internet. You can use the followingexamples to access Amazon S3 using the AWS SDK for Ruby. Learn more about Amazon S3 at Amazon S3documentation.

Topics• Getting Information about All Amazon S3 Buckets (p. 147)• Getting Information about All Amazon S3 Buckets in a Region (p. 148)• Creating and Using an Amazon S3 Bucket (p. 149)• Determining Whether an Amazon S3 Bucket Exists (p. 153)• Getting Information about Amazon S3 Bucket Objects (p. 155)• Uploading an Object to an Amazon S3 Bucket (p. 156)• Uploading an Object with Metadata to an Amazon S3 Bucket (p. 157)• Downloading an Object from an Amazon S3 Bucket into a File (p. 158)• Changing the Properties for an Amazon S3 Bucket Object (p. 159)• Encrypting Amazon S3 Bucket Items (p. 160)• Triggering a Notification When an Item is Added to an Amazon S3 Bucket (p. 173)• Creating a LifeCycle Rule Configuration Template for an Amazon S3 Bucket (p. 175)• Creating an Amazon S3 Bucket Policy with Ruby (p. 177)• Configuring an Amazon S3 Bucket for CORS (p. 181)• Managing Amazon S3 Bucket and Object Access Permissions (p. 183)• Using a Amazon S3 Bucket to Host a Website (p. 186)

Getting Information about All Amazon S3 BucketsThe following example lists the names of up to 50 available Amazon S3 buckets for the specified AWSRegion.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-s3'

# Lists the Amazon Simple Storage Service (Amazon S3) buckets owned by the# authenticated sender of the request.## @param s3_client [Aws::S3::Client] An initialized S3 client.# @param max_buckets [Integer] The maximum number of buckets to list. The# number must be between 1 and 50. If not specified, only up to the# first 50 objects will be listed.# @example# list_buckets(Aws::S3::Client.new(region: 'us-east-1'), 25)def list_buckets(s3_client, max_buckets = 50)

147

http://www.amazonaws.cn/documentation/s3/
http://www.amazonaws.cn/documentation/s3/
Page 153: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideGetting Information about All

Amazon S3 Buckets in a Region

if max_buckets < 1 || max_buckets > 50 puts 'Maximum number of buckets to request must be between 1 and 50.' return end buckets = s3_client.list_buckets.buckets if buckets.count.zero? puts 'No buckets.' return else if buckets.count > max_buckets puts "First #{max_buckets} buckets:" i = 0 max_buckets.times do puts "#{i + 1}) #{buckets[i].name}" i += 1 end else puts "#{buckets.count} buckets:" i = 0 buckets.count.times do puts "#{i + 1}) #{buckets[i].name}" i += 1 end end endrescue StandardError => e puts "Error listing buckets: #{e.message}"end

def run_me region = 'us-east-1' s3_client = Aws::S3::Client.new(region: region) list_buckets(s3_client, 25)end

run_me if $PROGRAM_NAME == __FILE__

Getting Information about All Amazon S3 Buckets ina RegionThe following code example lists the names of available Amazon S3 buckets for the specified AWSRegion.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-s3'

# Checks to see which Amazon Simple Storage Service (Amazon S3)# buckets accessible to you and were initially created with the target# AWS Region specified.## @param s3_client [Aws::S3::Client] An initialized S3 client.# @param region [String] The Region to check.# @example# list_accessible_buckets_in_region(# Aws::S3::Client.new(region: 'us-east-1'),# 'us-east-1'# )def list_accessible_buckets_in_region(s3_client, region) buckets = s3_client.list_buckets.buckets buckets_in_region = []

148

Page 154: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating and Using an Amazon S3 Bucket

buckets.each do |bucket| bucket_region = s3_client.get_bucket_location( bucket: bucket.name ).location_constraint if bucket_region == region buckets_in_region << bucket.name end end if buckets_in_region.count.zero? puts "No buckets accessible to you and also set to region '#{region}' " \ 'when initially created.' exit 1 else puts "Buckets accessible to you and also set to region '#{region}' " \ 'when initially created:' buckets_in_region.each do |bucket_name| puts bucket_name end endrescue StandardError => e puts "Error getting information about buckets: #{e.message}" exit 1end

# Full example call:def run_me region = 'us-east-1' s3_client = Aws::S3::Client.new(region: region)

list_accessible_buckets_in_region(s3_client, region)end

run_me if $PROGRAM_NAME == __FILE__

Creating and Using an Amazon S3 BucketThe following code example:

1. Lists available buckets in Amazon S3 for the specified AWS Region.

2. Creates two buckets.

3. Uploads an object to one of the buckets.

4. Copies the uploaded object to the other bucket.

5. Deletes the object from the first bucket.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-s3'

# Demonstrates various Amazon S3 operations, such as creating and listing# buckets and uploading, copying, and deleting objects from buckets.

# Lists the available Amazon S3 buckets.## @param s3_client [Aws::S3::Client] An initialized Amazon S3 client.# @example# list_buckets(Aws::S3::Client.new(region: 'us-east-1'))def list_buckets(s3_client) response = s3_client.list_buckets if response.buckets.count.zero?

149

Page 155: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating and Using an Amazon S3 Bucket

puts 'No buckets.' else response.buckets.each do |bucket| puts bucket.name end endrescue StandardError => e puts "Error listing buckets: #{e.message}"end

# Creates a bucket in Amazon S3.## @param s3_client [Aws::S3::Client] An initialized Amazon S3 client.# @param bucket_name [String] The name of the bucket.# @return [Boolean] true if the bucket was created; otherwise, false.# @example# exit 1 unless bucket_created?(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket'# )def bucket_created?(s3_client, bucket_name) response = s3_client.create_bucket(bucket: bucket_name) if response.location == '/' + bucket_name return true else return false endrescue StandardError => e puts "Error creating bucket: #{e.message}" return falseend

# Uploads an object to a bucket in Amazon S3.## Prerequisites:## - An Amazon S3 bucket.## @param s3_client [Aws::S3::Client] An initialized Amazon S3 client.# @param bucket_name [String] The name of the bucket.# @param object_key [String] The name of the object.# @param object_content [String] The content to add to the object.# @return [Boolean] true if the object was uploaded; otherwise, false.# @example# exit 1 unless object_uploaded?(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket',# 'my-file.txt',# 'This is the content of my-file.txt.'# )def object_uploaded?(s3_client, bucket_name, object_key, object_content) response = s3_client.put_object( bucket: bucket_name, key: object_key, body: object_content ) if response.etag return true else return false endrescue StandardError => e puts "Error uploading object: #{e.message}" return falseend

150

Page 156: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating and Using an Amazon S3 Bucket

# Lists available objects in an Amazon S3 bucket.## Prerequisites:## - An Amazon S3 bucket.## @param s3_client [Aws::S3::Client] An initialized Amazon S3 client.# @param bucket_name [String] The name of the bucket.# @example# list_objects(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket'# )def list_objects(s3_client, bucket_name) response = s3_client.list_objects_v2(bucket: bucket_name) if response.contents.count.zero? puts 'No objects.' else response.contents.each do |object| puts object.key end endrescue StandardError => e puts "Error listing objects: #{e.message}"end

# Copies an object from one Amazon S3 bucket to another.## Prerequisites:## - Two Amazon S3 bucket.# - An object in the source bucket.## @param s3_client [Aws::S3::Client] An initialized Amazon S3 client.# @param source_bucket_name [String] The name of the source bucket.# @param source_object_key [String] The name of the object to copy.# @param target_bucket_name [String] The name of the target bucket.# @param target_object_key [String] The name of the copied object.# @return [Boolean] true if the object was copied; otherwise, false.# @example# exit 1 unless object_copied?(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket',# 'my-file.txt',# 'doc-example-bucket1',# 'my-file-1.txt'# )def object_copied?( s3_client, source_bucket_name, source_object_key, target_bucket_name, target_object_key) response = s3_client.copy_object( bucket: target_bucket_name, copy_source: "#{source_bucket_name}/#{source_object_key}", key: target_object_key ) if response.copy_object_result.etag return true else return false endrescue StandardError => e puts "Error copying object: #{e.message}"

151

Page 157: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating and Using an Amazon S3 Bucket

return falseend

# Deletes an object from an Amazon S3 bucket.## Prerequisites:## - An Amazon S3 bucket.# - An object to be deleted from the bucket.## @param s3_client [Aws::S3::Client] An initialized Amazon S3 client.# @param bucket_name [String] The name of the bucket.# @return object_key [String] The name of the object.# @example# exit 1 unless object_deleted?(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket',# 'my-file.txt'# )def object_deleted?(s3_client, bucket_name, object_key) response = s3_client.delete_objects( bucket: bucket_name, delete: { objects: [ { key: object_key } ] } ) if response.deleted.count == 1 return true else return false endrescue StandardError => e puts "Error deleting object: #{e.message}" return falseend

# Full example call:def run_me bucket_name = 'doc-example-bucket' object_key = 'my-file.txt' object_content = 'This is the content of my-file.txt.' target_bucket_name = 'doc-example-bucket1' target_object_key = 'my-file-1.txt' region = 'us-east-1' s3_client = Aws::S3::Client.new(region: region)

puts 'Available buckets:' list_buckets(s3_client)

if bucket_created?(s3_client, bucket_name) puts "Bucket '#{bucket_name}' created." else puts "Bucket '#{bucket_name}' not created. Program will stop." exit 1 end

if bucket_created?(s3_client, target_bucket_name) puts "Bucket '#{target_bucket_name}' created." else puts "Bucket '#{target_bucket_name}' not created. Program will stop." exit 1 end

152

Page 158: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideDetermining Whether an Amazon S3 Bucket Exists

if object_uploaded?(s3_client, bucket_name, object_key, object_content) puts "Object '#{object_key}' uploaded to bucket '#{bucket_name}'." else puts "Object '#{object_key}' uploaded to bucket '#{bucket_name}'. " \ 'Program will stop.' exit 1 end

puts "Objects in bucket '#{bucket_name}':" list_objects(s3_client, bucket_name)

if object_copied?( s3_client, bucket_name, object_key, target_bucket_name, target_object_key ) puts "Object '#{object_key}' copied to bucket '#{target_bucket_name}' " \ "as object '#{target_object_key}'." else puts "Object '#{object_key}' not copied to bucket '#{target_bucket_name}' " \ "as object '#{target_object_key}'." end

if object_deleted?(s3_client, bucket_name, object_key) puts "Object '#{object_key}' deleted from bucket '#{bucket_name}'." else puts "Object '#{object_key}' not deleted from bucket '#{bucket_name}'." endend

run_me if $PROGRAM_NAME == __FILE__

Determining Whether an Amazon S3 Bucket ExistsThe following code example checks whether the specified bucket exists in Amazon S3 and is accessible toyou.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-s3'

# Checks to see whether an Amazon Simple Storage Service# (Amazon S3) bucket exists.## @param s3_client [Aws::S3::Client] An initialized S3 client.# @param bucket_name [String] The name of the bucket.# @return [Boolean] true if the bucket exists; otherwise, false.# @example# exit 1 unless bucket_exists?(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket'# )def bucket_exists?(s3_client, bucket_name) response = s3_client.list_buckets response.buckets.each do |bucket| return true if bucket.name == bucket_name end return falserescue StandardError => e

153

Page 159: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideDetermining Whether an Amazon S3 Bucket Exists

puts "Error listing buckets: #{e.message}" return falseend

# Full example call:def run_me bucket_name = 'doc-example-bucket' region = 'us-east-1' s3_client = Aws::S3::Client.new(region: region)

if bucket_exists?(s3_client, bucket_name) puts 'Bucket exists.' else puts 'Bucket does not exist or is not accessible to you.' endend

run_me if $PROGRAM_NAME == __FILE__

The following code example checks whether the specified bucket exists in Amazon S3 and you havepermission to access it.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX-License-Identifier: Apache-2.0

require 'aws-sdk-s3'

# Determines whether an Amazon Simple Storage Service (Amazon S3)# bucket exists and you have permission to access it.## Prerequisites:## - An S3 bucket.## @param# @param# @return [Boolean] true if the bucket exists and you have permission to# access it; otherwise, false.# @example# exit 1 unless bucket_exists_and_accessible?(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket'# )def bucket_exists_and_accessible?(s3_client, bucket_name) s3_client.head_bucket(bucket: bucket_name) return truerescue StandardError return falseend

# Full example call:def run_me bucket_name = 'doc-example-bucket' region = 'us-east-1' s3_client = Aws::S3::Client.new(region: region)

if bucket_exists_and_accessible?(s3_client, bucket_name) puts "Bucket '#{bucket_name}' exists and is accessible to you." else puts "Bucket '#{bucket_name}' does not exist " \ 'or is not accessible to you.' endend

154

Page 160: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideGetting Information about Amazon S3 Bucket Objects

run_me if $PROGRAM_NAME == __FILE__

Getting Information about Amazon S3 BucketObjectsThe following code example lists up to the first 1,000 objects in the specified bucket in Amazon S3.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-s3'

# Lists the objects in an Amazon Simple Storage Service (Amazon S3) bucket.## Prerequisites:## - An S3 bucket, preferrably containing at least one object.## @param s3_client [Aws::S3::Client] An initialized S3 client.# @param bucket_name [String] The name of the bucket.# @param max_objects [Integer] The maximum number of objects to list. The# number must be between 1 and 1,000. If not specified, only up to the# first 50 objects will be listed.# @example# list_bucket_objects(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket',# 100# )def list_bucket_objects(s3_client, bucket_name, max_objects = 50) if max_objects < 1 || max_objects > 1000 puts 'Maximum number of objects to request must be between 1 and 1,000.' return end

objects = s3_client.list_objects_v2( bucket: bucket_name, max_keys: max_objects ).contents

if objects.count.zero? puts "No objects in bucket '#{bucket_name}'." return else if objects.count == max_objects puts "First #{objects.count} objects in bucket '#{bucket_name}':" else puts "Objects in bucket '#{bucket_name}':" end objects.each do |object| puts object.key end endrescue StandardError => e puts "Error accessing bucket '#{bucket_name}' " \ "or listing its objects: #{e.message}"end

# Full example call:def run_me bucket_name = 'doc-example-bucket' region = 'us-east-1'

155

Page 161: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideUploading an Object to an Amazon S3 Bucket

s3_client = Aws::S3::Client.new(region: region)

list_bucket_objects(s3_client, bucket_name)end

run_me if $PROGRAM_NAME == __FILE__

Uploading an Object to an Amazon S3 BucketThe following example uploads an object to a bucket in Amazon S3.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-s3' # Uploads an object to a bucket in Amazon Simple Storage Service (Amazon S3).## Prerequisites:## - An S3 bucket.# - An object to upload to the bucket.## @param s3_client [Aws::S3::Client] An initialized S3 client.# @param bucket_name [String] The name of the bucket.# @param object_key [String] The name of the object.# @return [Boolean] true if the object was uploaded; otherwise, false.# @example# exit 1 unless object_uploaded?(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket',# 'my-file.txt'# )def object_uploaded?(s3_client, bucket_name, object_key) response = s3_client.put_object( bucket: bucket_name, key: object_key ) if response.etag return true else return false endrescue StandardError => e puts "Error uploading object: #{e.message}" return falseend

# Full example call:def run_me bucket_name = 'doc-example-bucket' object_key = 'my-file.txt' region = 'us-east-1' s3_client = Aws::S3::Client.new(region: region)

if object_uploaded?(s3_client, bucket_name, object_key) puts "Object '#{object_key}' uploaded to bucket '#{bucket_name}'." else puts "Object '#{object_key}' not uploaded to bucket '#{bucket_name}'." endend

run_me if $PROGRAM_NAME == __FILE__

156

Page 162: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideUploading an Object with

Metadata to an Amazon S3 Bucket

Uploading an Object with Metadata to an Amazon S3BucketThe following code example uploads an object to a bucket in Amazon S3, associating the specifiedmetadata with the uploaded object.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-s3' # Uploads an object to a bucket in Amazon Simple Storage Service (Amazon S3).# Also associates specified metadata with the uploaded object.## Prerequisites:## - An S3 bucket.# - An object to upload to the bucket.## @param s3_client [Aws::S3::Client] An initialized S3 client.# @param bucket_name [String] The name of the bucket.# @param object_key [String] The name of the object.# @param metadata [Hash] Metadata to associate with the uploaded object.# @return [Boolean] true if the object was uploaded; otherwise, false.# @example# exit 1 unless object_uploaded?(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket',# 'my-file.txt'# )def object_uploaded_with_metadata?( s3_client, bucket_name, object_key, metadata) response = s3_client.put_object( bucket: bucket_name, key: object_key, metadata: metadata ) if response.etag return true else return false endrescue StandardError => e puts "Error uploading object: #{e.message}" return falseend

# Full example call:def run_me bucket_name = 'doc-example-bucket' object_key = 'my-file.txt' metadata = { author: 'Mary Doe', version: '1.0.0.0' } region = 'us-east-1' s3_client = Aws::S3::Client.new(region: region)

if object_uploaded_with_metadata?(

157

Page 163: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideDownloading an Object from an

Amazon S3 Bucket into a File

s3_client, bucket_name, object_key, metadata ) puts "Object '#{object_key}' uploaded to bucket '#{bucket_name}' " \ 'with metadata.' else puts "Object '#{object_key}' not uploaded to bucket '#{bucket_name}'." endend

run_me if $PROGRAM_NAME == __FILE__

Downloading an Object from an Amazon S3 Bucketinto a FileThe following example downloads an object from an Amazon S3 bucket.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-s3'

# Downloads an object from an Amazon Simple Storage Service (Amazon S3) bucket.## @param s3_client [Aws::S3::Client] An initialized S3 client.# @param bucket_name [String] The name of the bucket containing the object.# @param object_key [String] The name of the object to download.# @param local_path [String] The path on your local computer to download# the object.# @return [Boolean] true if the object was downloaded; otherwise, false.# @example# exit 1 unless object_downloaded?(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket',# 'my-file.txt',# './my-file.txt'# )def object_downloaded?(s3_client, bucket_name, object_key, local_path) s3_client.get_object( response_target: local_path, bucket: bucket_name, key: object_key )rescue StandardError => e puts "Error getting object: #{e.message}"end

def run_me bucket_name = 'doc-example-bucket' object_key = 'my-file.txt' local_path = "./#{object_key}" region = 'us-east-1' s3_client = Aws::S3::Client.new(region: region)

if object_downloaded?(s3_client, bucket_name, object_key, local_path) puts "Object '#{object_key}' in bucket '#{bucket_name}' " \ "downloaded to '#{local_path}'." else puts "Object '#{object_key}' in bucket '#{bucket_name}' not downloaded." end

158

Page 164: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideChanging the Properties for an Amazon S3 Bucket Object

end

run_me if $PROGRAM_NAME == __FILE__

Changing the Properties for an Amazon S3 BucketObjectThe following code example copies an object from one Amazon S3 bucket to another. It also sets apredetermined access control list (ACL) and an Amazon S3 storage class on the copied object.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX-License-Identifier: Apache-2.0

require 'aws-sdk-s3'

# Copies an object from one Amazon Simple Storage Service (Amazon S3)# bucket to another. You can also set an access control list# (ACL) and an S3 storage class on the copied object.## Prerequisites:## - A source S3 bucket and a target S3 bucket.# - An object in the source bucket to copy.## @param s3_client [Aws::S3::Client] An initialized S3 client.# @param source_object_path [String] The path and file name of the# object to copy.# @param target_bucket_name [String] The name of the destination bucket.# @param target_object_path [String] The path and file name of the# copied object in the destination bucket.# @param canned_acl [String] A predetermined ACL. Allowed values include# 'private', 'public-read', 'public-read-write', 'authenticated-read',# 'aws-exec-read', 'bucket-owner-read', and 'bucket-owner-full-control'.# If not specified, the default is 'private'.# @param storage_class [String] The S3 storage class for the copied object.# Allowed values include 'STANDARD', 'REDUCED_REDUNDANCY', 'STANDARD_IA',# 'ONEZONE_IA', 'INTELLIGENT_TIERING', 'GLACIER', and 'DEEP_ARCHIVE'.# If not specified, the default is 'STANDARD'.# @return [Boolean] true if the object was copied; otherwise, false.# @example# exit 1 unless object_copied_with_additional_properties?(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket/my-file.txt',# 'doc-example-bucket1',# 'copied-files/my-copied-file.txt',# 'bucket-owner-read',# 'STANDARD_IA'# )def object_copied_with_additional_properties?( s3_client, source_object_path, target_bucket_name, target_object_path, canned_acl = 'private', storage_class = 'STANDARD') s3_client.copy_object( bucket: target_bucket_name, copy_source: source_object_path, key: target_object_path, acl: canned_acl, storage_class: storage_class

159

Page 165: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideEncrypting Amazon S3 Bucket Items

) return truerescue StandardError => e puts "Error copying object: #{e.message}" return falseend

# Full example call:def run_me source_object_path = 'doc-example-bucket/my-file.txt' target_bucket_name = 'doc-example-bucket1' target_object_path = 'copied-files/my-copied-file.txt' canned_acl = 'bucket-owner-read' storage_class = 'STANDARD_IA' region = 'us-east-1' s3_client = Aws::S3::Client.new(region: region)

if object_copied_with_additional_properties?( s3_client, source_object_path, target_bucket_name, target_object_path, canned_acl, storage_class ) puts "Object copied from '#{source_object_path}' to " \ "'#{target_bucket_name}/#{target_object_path}'." else puts "Object '#{source_object_path}' not copied to " \ "'#{target_bucket_name}/#{target_object_path}'." endend

run_me if $PROGRAM_NAME == __FILE__

Encrypting Amazon S3 Bucket ItemsAmazon S3 supports encrypting Amazon S3 bucket objects on both the client and the server. To encryptobjects on the client, you perform the encryption yourself, either using keys that you create or keys thatAWS Key Management Service (AWS KMS) manages for you.

To encrypt objects on the server, you have more options.

• You can have Amazon S3 automatically encrypt objects as you upload them to a bucket. Once youconfigure a bucket with this option, every object that you upload–from that point on–is encrypted.

• You can have Amazon S3 encrypt an object when you upload it to a bucket. The disadvantage with thisapproach is that you can still upload objects that are not encrypted.

• You can have Amazon S3 encrypt an object when you upload it to a bucket. The disadvantage with thisapproach is that you can still upload objects that are not encrypted.

The following examples describe these options, from the simplest example of specifying that all objectsuploaded to a bucket are automatically encrypted, to the most complex example of using asymmetricpublic and private keys on the client. Don’t worry, we’ll explain these concepts as we go. Learn aboutencryption in Amazon S3 at Protecting Data Using Encryption.

Topics

• Server-Side Encryption (p. 161)

• Client-Side Encryption (p. 166)

160

https://docs.amazonaws.cn/AmazonS3/latest/dev/UsingEncryption.html
Page 166: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideEncrypting Amazon S3 Bucket Items

Server-Side EncryptionTo encrypt objects on the server, you have the following options.

• You can have Amazon S3 automatically encrypt objects as you upload them to a bucket. Once youconfigure a bucket with this option, every object that you upload–from that point on–is encrypted.

• You can have Amazon S3 encrypt an object when you upload it to a bucket. The disadvantage with thisapproach is that you can still upload objects that are not encrypted.

• You can have Amazon S3 reject objects that are not encrypted when you attempt to upload them to abucket.

Learn about service-side encryption in Amazon S3 at Protecting Data Using Server-Side Encryption.

Topics• Setting Default Server-Side Encryption for an Amazon S3 Bucket (p. 161)• Encrypting an Amazon S3 Bucket Object on the Server (p. 162)• Requiring Encryption on the Server to Upload Amazon S3 Bucket Objects (p. 163)• Encrypting an Amazon S3 Bucket Object with an AWS KMS Key (p. 165)

Setting Default Server-Side Encryption for an Amazon S3 Bucket

The following code example sets the default encryption state for an Amazon S3 bucket using server-sideencryption (SSE) with an AWS KMS customer master key (CMK).

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-s3'

# Sets the default encryption state for an Amazon S3 bucket using# server-side encryption (SSE) with an# AWS KMS customer master key (CMK).## Prerequisites:# # - An Amazon S3 bucket.# - An AWS KMS CMK.## @param s3_client [Aws::S3::Client] An initialized Amazon S3 client.# @param bucket_name [String] The name of the bucket.# @param kms_master_key_id [String] The ID of the CMK.# @return [Boolean] true if the default encryption state was# successfully set; otherwise, false.# @example# exit 1 unless default_bucket_encryption_sse_cmk_set?(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket',# '9041e78c-7a20-4db3-929e-828abEXAMPLE'# )def default_bucket_encryption_sse_cmk_set?( s3_client, bucket_name, kms_master_key_id) s3_client.put_bucket_encryption( bucket: bucket_name, server_side_encryption_configuration: { rules: [ {

161

https://docs.amazonaws.cn/AmazonS3/latest/dev/serv-side-encryption.html
Page 167: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideEncrypting Amazon S3 Bucket Items

apply_server_side_encryption_by_default: { sse_algorithm: 'aws:kms', kms_master_key_id: kms_master_key_id } } ] } ) return truerescue StandardError => e puts "Error setting default encryption state: #{e.message}" return falseend

def run_me bucket_name = 'doc-example-bucket' kms_master_key_id = '9041e78c-7a20-4db3-929e-828abEXAMPLE' region = 'us-east-1' s3_client = Aws::S3::Client.new(region: region)

if default_bucket_encryption_sse_cmk_set?( s3_client, bucket_name, kms_master_key_id ) puts 'Default encryption state set.' else puts 'Default encryption state not set.' endend

run_me if $PROGRAM_NAME == __FILE__

Encrypting an Amazon S3 Bucket Object on the Server

The following code example adds an encrypted object to an Amazon S3 bucket. The encryption isperformed on the server by using the aws/s3 AWS managed customer master key (CMK).

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-s3'

# Adds an encrypted object to an Amazon S3 bucket. The encryption is performed# on the server by using the aws/s3 AWS managed customer master key (CMK).## Prerequisites:## - An Amazon S3 bucket.## @param s3_client [Aws::S3::Client] An initialized Amazon S3 client.# @param bucket_name [String] The name of the bucket.# @param object_key [String] The name to assign to the uploaded object.# @param content_to_encrypt [String] The content to be encrypted.# @return [Boolean] true if the encrypted object was successfully uploaded;# otherwise, false.# @example# exit 1 unless kms_sse_encrypted_object_uploaded?(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket',# 'my-file.txt',# 'This is the content of my-file.txt.'# )def kms_sse_encrypted_object_uploaded?(

162

Page 168: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideEncrypting Amazon S3 Bucket Items

s3_client, bucket_name, object_key, content_to_encrypt) s3_client.put_object( bucket: bucket_name, key: object_key, body: content_to_encrypt, server_side_encryption: 'aws:kms' ) return truerescue StandardError => e puts "Error uploading encrypted object: #{e.message}" return falseend

def run_me bucket_name = 'doc-example-bucket' object_key = 'my-file.txt' content_to_encrypt = 'This is the content of my-file.txt.' region = 'us-east-1' s3_client = Aws::S3::Client.new(region: region)

if kms_sse_encrypted_object_uploaded?( s3_client, bucket_name, object_key, content_to_encrypt ) puts 'Encrypted object uploaded.' else puts 'Encrypted object not uploaded.' endend

run_me if $PROGRAM_NAME == __FILE__

Requiring Encryption on the Server to Upload Amazon S3 Bucket Objects

The following code example denies uploads of objects without server-side AWS KMS encryption to anAmazon S3 bucket.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-s3'

# Denies uploads of objects without server-side AWS KMS encryption to# an Amazon S3 bucket.## Prerequisites:## - The Amazon S3 bucket to deny uploading objects without# server-side AWS KMS encryption.## @param s3_client [Aws::S3::Client] An initialized Amazon S3 client.# @param bucket_name [String] The bucket's name.# @return [Boolean] true if a policy was added to the bucket to# deny uploading objects without server-side AWS KMS encryption;# otherwise, false.# @example# if deny_uploads_without_server_side_aws_kms_encryption?(# Aws::S3::Client.new(region: 'us-east-1'),

163

Page 169: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideEncrypting Amazon S3 Bucket Items

# 'doc-example-bucket'# )# puts 'Policy added.'# else# puts 'Policy not added.'# enddef deny_uploads_without_server_side_aws_kms_encryption?(s3_client, bucket_name) policy = { 'Version': '2012-10-17', 'Id': 'PutObjPolicy', 'Statement': [ { 'Sid': 'DenyIncorrectEncryptionHeader', 'Effect': 'Deny', 'Principal': '*', 'Action': 's3:PutObject', 'Resource': 'arn:aws:s3:::' + bucket_name + '/*', 'Condition': { 'StringNotEquals': { 's3:x-amz-server-side-encryption': 'aws:kms' } } }, { 'Sid': 'DenyUnEncryptedObjectUploads', 'Effect': 'Deny', 'Principal': '*', 'Action': 's3:PutObject', 'Resource': 'arn:aws:s3:::' + bucket_name + '/*', 'Condition': { 'Null': { 's3:x-amz-server-side-encryption': 'true' } } } ] }.to_json s3_client.put_bucket_policy( bucket: bucket_name, policy: policy ) return truerescue StandardError => e puts "Error adding policy: #{e.message}" return falseend

# Full example call:def run_me if deny_uploads_without_server_side_aws_kms_encryption?( Aws::S3::Client.new(region: 'us-east-1'), 'doc-example-bucket' ) puts 'Policy added.' else puts 'Policy not added.' endend

run_me if $PROGRAM_NAME == __FILE__

164

Page 170: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideEncrypting Amazon S3 Bucket Items

Encrypting an Amazon S3 Bucket Object with an AWS KMS Key

The following code example adds an encrypted object to an Amazon S3. The encryption is performed onthe server by using the specified encryption key.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-s3'require 'digest/md5'

# Adds an encrypted object to an Amazon S3 bucket. The encryption is performed# on the server by using the specified encryption key.## Prerequisites:## - An Amazon S3 bucket.# - An AES256-GCM key.## @param s3_client [Aws::S3::Client] An initialized Amazon S3 client.# @param bucket_name [String] The name of the bucket.# @param object_key [String] The name to assign to the uploaded object.# @param content_to_encrypt [String] The content to be encrypted.# @param encryption_key [String] The decoded representation of the# base64-encoded encryption key string to be used for encryption.# @return [Boolean] true if the encrypted object was successfully uploaded;# otherwise, false.# @example# exit 1 unless customer_key_sse_encrypted_object_uploaded?(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket',# 'my-file.txt',# 'This is the content of my-file.txt.',# get_random_aes_256_gcm_key # See later in this file.# )def customer_key_sse_encrypted_object_uploaded?( s3_client, bucket_name, object_key, content_to_encrypt, encryption_key) s3_client.put_object( bucket: bucket_name, key: object_key, body: content_to_encrypt, sse_customer_algorithm: 'AES256', sse_customer_key: encryption_key, sse_customer_key_md5: Digest::MD5.digest(encryption_key) ) return truerescue StandardError => e puts "Error uploading encrypted object: #{e.message}" return falseend

# Generates a random AES256-GCM key. Call this function if you do not# already have an AES256-GCM key that you want to use to encrypt the# object.## @ return [String] The generated AES256-GCM key. You must keep a record of# the key string that is reported. You will not be able to later decrypt the# contents of any object that is encrypted with this key unless you# have this key.# @ example

165

Page 171: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideEncrypting Amazon S3 Bucket Items

# get_random_aes_256_gcm_keydef get_random_aes_256_gcm_key cipher = OpenSSL::Cipher.new('aes-256-gcm') cipher.encrypt random_key = cipher.random_key random_key_64_string = [random_key].pack('m') random_key_64 = random_key_64_string.unpack('m')[0] puts 'The base 64-encoded string representation of the randomly-' \ 'generated AES256-GCM key is:' puts random_key_64_string puts 'Keep a record of this key string. You will not be able to later ' \ 'decrypt the contents of any object that is encrypted with this key ' \ 'unless you have this key.' return random_key_64end

def run_me bucket_name = 'doc-example-bucket' object_key = 'my-file.txt' content_to_encrypt = 'This is the content of my-file.txt.' region = 'us-east-1' s3_client = Aws::S3::Client.new(region: region)

# The following call generates a random AES256-GCM key. Alternatively, you can # provide a base64-encoded string representation of an existing key that # you want to use to encrypt the object. For example:# # encryption_key_string = 'XSiKrmzhtDKR9tTwJRSLjgwLhiMA82TC2z3GEXAMPLE=' # encryption_key = encryption_key_string.unpack('m')[0] encryption_key = get_random_aes_256_gcm_key

if customer_key_sse_encrypted_object_uploaded?( s3_client, bucket_name, object_key, content_to_encrypt, encryption_key ) puts 'Encrypted object uploaded.' else puts 'Encrypted object not uploaded.' endend

run_me if $PROGRAM_NAME == __FILE__

Client-Side Encryption

To encrypt objects on the client, you perform the encryption yourself, either using keys that you createor keys that AWS Key Management Service (AWS KMS) manages for you.

Learn about client-side encryption in Amazon S3 at Protecting Data Using Client-Side Encryption.

Topics

• Encrypting an Amazon S3 Bucket Object with an AWS KMS Key (p. 167)

• Decrypting an Amazon S3 Bucket Object with an AWS KMS Key (p. 168)

• Creating Public and Private Asymmetric Keys (p. 169)

• Encrypting an Amazon S3 Bucket Object with a Public Key (p. 170)

• Decrypting an Amazon S3 Bucket Object with a Private Key (p. 172)

166

https://docs.amazonaws.cn/AmazonS3/latest/dev/UsingClientSideEncryption.html
Page 172: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideEncrypting Amazon S3 Bucket Items

Encrypting an Amazon S3 Bucket Object with an AWS KMS Key

The following code example uploads an encrypted object to an Amazon S3 bucket.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-s3'

# Uploads an encrypted object to an Amazon S3 bucket.## Prerequisites:## - An Amazon S3 bucket.# - An encrypted object to upload to the bucket.## @param s3_encryption_client [Aws::S3::EncryptionV2::Client]# An initialized Amazon S3 V2 encryption client.# @param bucket_name [String] The name of the bucket.# @param object_key [String] The name of the object to upload.# @param object_content [String] The content of the object to upload.# @return [Boolean] true if the object was encrypted and uploaded;# otherwise, false.# @example# s3_encryption_client = Aws::S3::EncryptionV2::Client.new(# region: 'us-east-1',# kms_key_id: '9041e78c-7a20-4db3-929e-828abEXAMPLE',# key_wrap_schema: :kms_context,# content_encryption_schema: :aes_gcm_no_padding,# security_profile: :v2# )# if encrypted_object_uploaded?(# s3_encryption_client,# 'doc-example-bucket',# 'my-file.txt',# 'This is the content of my-file.txt.'# )# puts 'Uploaded.'# else# puts 'Not uploaded.'# enddef encrypted_object_uploaded?( s3_encryption_client, bucket_name, object_key, object_content) s3_encryption_client.put_object( bucket: bucket_name, key: object_key, body: object_content ) return truerescue StandardError => e puts "Error uploading object: #{e.message}" return falseend

# Full example call:def run_me bucket_name = 'doc-example-bucket' object_key = 'my-file.txt' region = 'us-east-1' kms_key_id = '9041e78c-7a20-4db3-929e-828abEXAMPLE' object_content = File.read(object_key)

167

Page 173: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideEncrypting Amazon S3 Bucket Items

# Note that in the following call: # - key_wrap_schema must be kms_context for AWS KMS. # - To allow reading and decrypting objects that are encrypted by the # Amazon S3 V1 encryption client instead, use :v2_and_legacy instead of :v2. s3_encryption_client = Aws::S3::EncryptionV2::Client.new( region: region, kms_key_id: kms_key_id, key_wrap_schema: :kms_context, content_encryption_schema: :aes_gcm_no_padding, security_profile: :v2 )

if encrypted_object_uploaded?( s3_encryption_client, bucket_name, object_key, object_content ) puts 'Uploaded.' else puts 'Not uploaded.' endend

run_me if $PROGRAM_NAME == __FILE__

Decrypting an Amazon S3 Bucket Object with an AWS KMS Key

The following code example gets the contents of an encrypted object in an Amazon S3 bucket.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-s3'

# Gets the contents of an encrypted object in an Amazon S3 bucket.## Prerequisites:## - An Amazon S3 bucket.# - An encrypted object in the bucket to get.# # @param s3_encryption_client [Aws::S3::EncryptionV2::Client]# An initialized Amazon S3 V2 encryption client.# @param bucket_name [String] The name of the bucket.# @param object_key [String] The name of the encrypted object to get.# @return [String] If successful, the object's content; otherwise,# diagnostic information about the unsuccessful attempt.# @example# s3_encryption_client = Aws::S3::EncryptionV2::Client.new(# region: 'us-east-1',# kms_key_id: '9041e78c-7a20-4db3-929e-828abEXAMPLE',# key_wrap_schema: :kms_context,# content_encryption_schema: :aes_gcm_no_padding,# security_profile: :v2# )# puts get_decrypted_object_content(# s3_encryption_client,# 'doc-example-bucket',# 'my-file.txt'# )def get_decrypted_object_content( s3_encryption_client,

168

Page 174: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideEncrypting Amazon S3 Bucket Items

bucket_name, object_key) response = s3_encryption_client.get_object( bucket: bucket_name, key: object_key ) if defined?(response.body) return response.body.read else return 'Error: Object content empty or unavailable.' endrescue StandardError => e return "Error getting object content: #{e.message}"end

# Full example call:def run_me bucket_name = 'doc-example-bucket' object_key = 'my-file.txt' region = 'us-east-1' kms_key_id = '9041e78c-7a20-4db3-929e-828abEXAMPLE'

# Note that in the following call: # - key_wrap_schema must be kms_context for AWS KMS. # - To allow reading and decrypting objects that are encrypted by the # Amazon S3 V1 encryption client instead, use :v2_and_legacy instead of :v2. s3_encryption_client = Aws::S3::EncryptionV2::Client.new( region: region, kms_key_id: kms_key_id, key_wrap_schema: :kms_context, content_encryption_schema: :aes_gcm_no_padding, security_profile: :v2 )

puts get_decrypted_object_content( s3_encryption_client, bucket_name, object_key )end

run_me if $PROGRAM_NAME == __FILE__

See the complete example on GitHub.

Creating Public and Private Asymmetric Keys

The following code example creates a public and private key file pair.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'openssl'

# Creates a public and private key file pair.## @param public_key_file [File] An instance of the public key file.# @param private_key_file [File] An instance of the private key file.# @param passphrase [String] A passphrase for the private key file.# @return [Boolean] true if the public and private key files were created;# otherwise, false.# @example# public_key_file = File.new('public_key.pem', 'w')

169

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/s3/s3_get_cskms_decrypt_item.rb
Page 175: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideEncrypting Amazon S3 Bucket Items

# private_key_file = File.new('private_key.pem', 'w')# exit 1 unless public_and_private_key_created?(# public_key_file,# private_key_file,# 'my-passphrase'# )def public_and_private_key_created?( public_key_file, private_key_file, passphrase)

key = OpenSSL::PKey::RSA.new(2048)

public_key_file.write(key.public_key.to_pem) public_key_file.close

cipher = OpenSSL::Cipher.new('AES-128-CBC') key_secure = key.export(cipher, passphrase)

private_key_file.write(key_secure) private_key_file.close

return truerescue StandardError => e puts 'Could not create the public key file, the private key file, ' \ "or both: #{e.message}"end

# Full example call:def run_me public_key_file_name = 'public_key.pem' public_key_file = File.new(public_key_file_name, 'w') private_key_file_name = 'private_key.pem' private_key_file = File.new(private_key_file_name, 'w') passphrase = 'my-passphrase'

puts "Creating public key file at '#{public_key_file_name}', and " \ "creating private key file at '#{private_key_file_name}' with passphrase " \ "'#{passphrase}'..."

if public_and_private_key_created?( public_key_file, private_key_file, passphrase) puts 'Public and private key file pair created.' else exit 1 endend

run_me if $PROGRAM_NAME == __FILE__

Encrypting an Amazon S3 Bucket Object with a Public Key

The following code example uploads an object to an Amazon S3 bucket. The object’s contents areencrypted with an RSA public key.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-s3'require 'openssl'

170

Page 176: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideEncrypting Amazon S3 Bucket Items

# Uploads an object to an Amazon S3 bucket. The object's contents# are encrypted with an RSA public key.## Prerequisites:## - An Amazon S3 bucket.## @param s3_encryption_client [Aws::S3::EncryptionV2::Client] An initialized# Amazon S3 encryption client.# @param bucket_name [String] The bucket's name.# @param object_key [String] The name of the object.# @param object_content [String] The content to add to the object.# @return [Boolean] true if the object was uploaded; otherwise, false.# @example# exit 1 unless object_uploaded_with_public_key_encryption?(# Aws::S3::EncryptionV2::Client.new(# encryption_key: OpenSSL::PKey::RSA.new(File.read('my-public-key.pem')),# key_wrap_schema: :rsa_oaep_sha1,# content_encryption_schema: :aes_gcm_no_padding,# security_profile: :v2,# region: 'us-east-1'# ),# 'doc-example-bucket',# 'my-file.txt',# 'This is the content of my-file.txt.'# )def object_uploaded_with_public_key_encryption?( s3_encryption_client, bucket_name, object_key, object_content) s3_encryption_client.put_object( bucket: bucket_name, key: object_key, body: object_content ) return truerescue StandardError => e puts "Error uploading object: #{e.message}" return falseend

# Full example call:# Prerequisites: an RSA key pair.def run_me bucket_name = 'doc-example-bucket' object_key = 'my-file.txt' object_content = 'This is the content of my-file.txt.' region = 'us-east-1' public_key_file = 'my-public-key.pem' public_key = OpenSSL::PKey::RSA.new(File.read(public_key_file))

# When initializing this Amazon S3 encryption client, note: # - For key_wrap_schema, use rsa_oaep_sha1 for asymmetric keys. # - For security_profile, for reading or decrypting objects encrypted # by the v1 encryption client, use :v2_and_legacy instead. s3_encryption_client = Aws::S3::EncryptionV2::Client.new( encryption_key: public_key, key_wrap_schema: :rsa_oaep_sha1, content_encryption_schema: :aes_gcm_no_padding, security_profile: :v2, region: region )

if object_uploaded_with_public_key_encryption?(

171

Page 177: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideEncrypting Amazon S3 Bucket Items

s3_encryption_client, bucket_name, object_key, object_content ) puts 'Object uploaded.' else puts 'Object not uploaded.' endend

run_me if $PROGRAM_NAME == __FILE__

Decrypting an Amazon S3 Bucket Object with a Private Key

The following code example downloads an object from an Amazon S3 bucket. The object’s contents wereoriginally encrypted with an RSA public key.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-s3'require 'openssl'

# Downloads an object from an Amazon S3 bucket. The object's contents# were originally encrypted with an RSA public key.## Prerequisites:## - An Amazon S3 bucket.# - An object in this bucket.## @param s3_encryption_client [Aws::S3::EncryptionV2::Client] An initialized# Amazon S3 encryption client.# @param bucket_name [String] The bucket's name.# @param object_key [String] The name of the object.# @return [String] The object's content; otherwise, information about the# failed download operation.# @example# puts download_object_with_private_key_encryption(# Aws::S3::EncryptionV2::Client.new(# encryption_key: OpenSSL::PKey::RSA.new(File.read('my-private-key.pem')),# key_wrap_schema: :rsa_oaep_sha1,# content_encryption_schema: :aes_gcm_no_padding,# security_profile: :v2,# region: 'us-east-1'# ),# 'doc-example-bucket',# 'my-file.txt'# )def download_object_with_private_key_encryption( s3_encryption_client, bucket_name, object_key) response = s3_encryption_client.get_object( bucket: bucket_name, key: object_key ) return response.body.readrescue StandardError => e puts "Error downloading object: #{e.message}"end

172

Page 178: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideTriggering a Notification When an

Item is Added to an Amazon S3 Bucket

# Full example call:# Prerequisites: the same RSA key pair you originally used to encrypt the object.def run_me bucket_name = 'doc-example-bucket' object_key = 'my-file.txt' region = 'us-east-1' private_key_file = 'my-private-key.pem' private_key = OpenSSL::PKey::RSA.new(File.read(private_key_file))

# When initializing this Amazon S3 encryption client, note: # - For key_wrap_schema, use rsa_oaep_sha1 for asymmetric keys. # - For security_profile, for reading or decrypting objects encrypted # by the v1 encryption client, use :v2_and_legacy instead. s3_encryption_client = Aws::S3::EncryptionV2::Client.new( encryption_key: private_key, key_wrap_schema: :rsa_oaep_sha1, content_encryption_schema: :aes_gcm_no_padding, security_profile: :v2, region: region ) puts "The content of '#{object_key}' in bucket '#{bucket_name}' is:" puts download_object_with_private_key_encryption( s3_encryption_client, bucket_name, object_key )end

run_me if $PROGRAM_NAME == __FILE__

Triggering a Notification When an Item is Added toan Amazon S3 BucketThe following code example adds an event notification to an Amazon S3 bucket.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-s3'

# Adds an event notification to an Amazon Simple Storage Service# (Amazon S3) bucket.## Prerequisites:## - An S3 bucket.# - For an event notification to AWS Lambda, a Lambda function.# - For an event notification to Amazon Simple Notification Service# (Amazon SNS), an SNS topic.# - For an event notification to Amazon Simple Queue Service# (Amazon SQS), an SQS queue.## @param s3_client [Aws::S3::Client] An initialized S3 client.# @param bucket_name [String] The name of the bucket.# @param events [Array] The S3 events to notify on.# @param send_to_type [String] The type of AWS resource to notify. Allowed# values include 'lambda' for Lambda, 'sns' for SNS, and 'sqs' for SQS.# @param resource_arn [String] The Amazon Resource Name (ARN) of the# AWS resource.# @return [Boolean] true if the bucket notification configuration was set;# otherwise, false.# @example

173

Page 179: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideTriggering a Notification When an

Item is Added to an Amazon S3 Bucket

# exit 1 unless bucket_notification_configuration_set?(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket',# ['s3:ObjectCreated:*'],# 'sns',# 'arn:aws:sns:us-east-1:111111111111:my-topic'# )def bucket_notification_configuration_set?( s3_client, bucket_name, events, send_to_type, resource_arn) case send_to_type when 'lambda' s3_client.put_bucket_notification_configuration( bucket: bucket_name, notification_configuration: { lambda_function_configurations: [ { lambda_function_arn: resource_arn, events: events } ] } ) when 'sns' s3_client.put_bucket_notification_configuration( bucket: bucket_name, notification_configuration: { topic_configurations: [ { topic_arn: resource_arn, events: events } ] } ) when 'sqs' s3_client.put_bucket_notification_configuration( bucket: bucket_name, notification_configuration: { queue_configurations: [ { queue_arn: resource_arn, events: events } ] } ) else puts 'Error setting bucket notification configuration: ' \ "Cannot determine send-to type. Must be 'lambda', 'sns', or 'sqs'." return false end return truerescue StandardError => e puts "Error setting bucket notification configuration: #{e.message}" return falseend

# Full example call:def run_me bucket_name = 'doc-example-bucket' events = ['s3:ObjectCreated:*']

174

Page 180: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating a LifeCycle Rule Configuration

Template for an Amazon S3 Bucket

# For an SNS topic: send_to_type = 'sns' resource_arn = 'arn:aws:sns:us-east-1:111111111111:my-topic'

# For an SQS queue: # send_to_type = 'sqs' # resource_arn = 'arn:aws:sqs:us-east-1:111111111111:my-queue'

# For a Lambda function: # send_to_type = 'lambda' # resource_arn = 'arn:aws:lambda:us-east-1:111111111111:function:myFunction'

region = 'us-east-1' s3_client = Aws::S3::Client.new(region: region)

if bucket_notification_configuration_set?( s3_client, bucket_name, events, send_to_type, resource_arn ) puts 'Bucket notification configuration set.' else puts 'Bucket notification configuration not set.' endend

run_me if $PROGRAM_NAME == __FILE__

Creating a LifeCycle Rule Configuration Template foran Amazon S3 BucketIf you have (or plan to create) a non-trivial number of objects and want to specify when to move them tolong-term storage or delete them, you can save a lot of time by creating a template for the lifecycle rulesand applying that template to all of your Amazon S3 buckets.

The process includes these steps:

1. Manually modify the lifecycle settings on an existing bucket.

2. Save the rules.

3. Apply the rules to your other buckets.

Start with the following rule:

175

Page 181: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating a LifeCycle Rule Configuration

Template for an Amazon S3 Bucket

Run the following code to produce a JSON representation of that rule. Save the output asdefault.json.

require 'aws-sdk'

s3 = Aws::S3::Client.new(region: 'us-west-2')resp = s3.get_bucket_lifecycle_configuration(bucket: 'default')

resp.rules.each do |rule| rule.to_hash.to_jsonend

The output should look like the following.

[{"expiration":{"date":null,"days":425},"id":"default","prefix":"","status":"Enabled","transitions":[{"date":null,"days":30,"storage_class":"STANDARD_IA"},{"date":null,"days":60,"storage_class":"GLACIER"}],"noncurrent_version_transitions":[],"noncurrent_version_expiration":null}]

Now that you have the JSON for a lifecycle rule, you can apply it to any other bucket using the followingexample. The example takes the rule from default.json and applies it to the bucket other_bucket.

require 'aws-sdk'require 'json'

class Aws::S3::Types::LifecycleExpiration def to_map map = Hash.new self.members.each { |m| map[m] = self[m] }

176

Page 182: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating an Amazon S3 Bucket Policy with Ruby

map end

def to_json(*a) to_map.to_json(*a) endend

class Aws::S3::Types::Transition def to_map map = Hash.new self.members.each { |m| map[m] = self[m] } map end

def to_json(*a) to_map.to_json(*a) endend

class Aws::S3::Types::LifecycleRule def to_map map = Hash.new self.members.each { |m| map[m] = self[m] } map end

def to_json(*a) to_map.to_json(*a) endend

# Pull in contents as a stringvalue = File.open('default.json', "rb").readjson_data = JSON.parse(value, opts={symbolize_names: true})

s3 = Aws::S3::Client.new(region: 'us-west-2')s3.put_bucket_lifecycle_configuration(:bucket => 'other_bucket', :lifecycle_configuration => {:rules => json_data})

NoteBest PracticeWe recommend that you enable the AbortIncompleteMultipartUpload lifecycle rule on yourAmazon S3 buckets.This rule directs Amazon S3 to abort multipart uploads that don’t complete within a specifiednumber of days after being initiated. When the set time limit is exceeded, Amazon S3 aborts theupload and then deletes the incomplete upload data.For more information, see Lifecycle Configuration for a Bucket with Versioning in the AmazonS3 User Guide.

Creating an Amazon S3 Bucket Policy with RubyThe following code example shows how to:

1. Create a bucket in Amazon S3.

2. Add a bucket policy to the bucket.

3. Change the bucket policy.

4. Remove the bucket policy from the bucket.

5. Delete the bucket.

177

https://docs.amazonaws.cn/AmazonS3/latest/API/RESTBucketPUTlifecycle.html
https://docs.amazonaws.cn/AmazonS3/latest/UG/lifecycle-configuration-bucket-with-versioning.html
Page 183: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating an Amazon S3 Bucket Policy with Ruby

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

# This code example demonstrates how to:# - Create a bucket in Amazon Simple Storage Service (Amazon S3).# - Add a bucket policy to the bucket.# - Change the bucket policy.# - Remove the bucket policy from the bucket.# - Delete the bucket.

require 'aws-sdk-s3'require 'securerandom'

# Creates an Amazon Simple Storage Service (Amazon S3) bucket.## @param s3_client [Aws::S3::Client] An initialized S3 client.# @param bucket_name [String] The bucket's name.# @return [Boolean] true if the bucket was created; otherwise, false.# @example# exit 1 unless bucket_created?(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket'# )def bucket_created?(s3_client, bucket_name) s3_client.create_bucket(bucket: bucket_name) return truerescue StandardError => e puts "Error creating bucket: #{e.message}" return falseend

# Adds a bucket policy to an Amazon Simple Storage Service (Amazon S3) bucket.## Prerequisites:## - An S3 bucket.# - A valid AWS principal Amazon Resource Name (ARN).## @param s3_client [Aws::S3::Client] An initialized S3 client.# @param bucket_name [String] The bucket's name.# @param aws_principal [String] The ARN of the AWS principal to allow.# @param action [String] The bucket action to allow.# @return [Boolean] true if the bucket policy was added; otherwise, false.# @example# exit 1 unless bucket_policy_added?(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket',# 'arn:aws:iam::111111111111:user/SomeUser',# 's3:GetObject'# )def bucket_policy_added?(s3_client, bucket_name, aws_principal, action) bucket_policy = { 'Version' => '2012-10-17', 'Statement' => [ { 'Effect' => 'Allow', 'Principal' => { 'AWS' => aws_principal }, 'Action' => action, 'Resource' => "arn:aws:s3:::#{bucket_name}/*" } ] }.to_json s3_client.put_bucket_policy(

178

Page 184: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating an Amazon S3 Bucket Policy with Ruby

bucket: bucket_name, policy: bucket_policy ) return truerescue StandardError => e puts "Error adding bucket policy: #{e.message}" return falseend

# Updates the AWS principal Amazon Resource Name (ARN) in an existing# bucket policy for an Amazon Simple Storage Service (Amazon S3) bucket.## Prerequisites:## - An S3 bucket.# - A bucket policy attached to the bucket.# - A valid AWS principal ARN.## @param s3_client [Aws::S3::Client] An initialized S3 client.# @param bucket_name [String] The bucket's name.# @param aws_principal [String] The ARN of the new AWS principal to allow.# @return [Boolean] true if the bucket policy was updated; otherwise, false.# @example# exit 1 unless bucket_policy_aws_principal_updated?(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket',# 'arn:aws:iam::111111111111:user/SomeOtherUser'# )def bucket_policy_aws_principal_updated?( s3_client, bucket_name, new_aws_principal) bucket_policy = s3_client.get_bucket_policy(bucket: bucket_name).policy.read policy_json = JSON.parse(bucket_policy)

policy_json['Statement'][0]['Principal']['AWS'] = new_aws_principal

s3_client.put_bucket_policy( bucket: bucket_name, policy: policy_json.to_json ) return truerescue StandardError => e puts "Error updating bucket policy: #{e.message}" return falseend

# Deletes a bucket policy for an Amazon Simple Storage Service# (Amazon S3) bucket.## Prerequisites:## - An S3 bucket.## @param s3_client [Aws::S3::Client] An initialized S3 client.# @param bucket_name [String] The bucket's name.# @return [Boolean] true if the bucket policy was deleted; otherwise, false.# @example# exit 1 unless bucket_policy_deleted?(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket'# )def bucket_policy_deleted?(s3_client, bucket_name) s3_client.delete_bucket_policy(bucket: bucket_name) return true

179

Page 185: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideCreating an Amazon S3 Bucket Policy with Ruby

rescue StandardError => e puts "Error deleting bucket policy: #{e.message}" return falseend

# Deletes an Amazon Simple Storage Service (Amazon S3) bucket.## Prerequisites:## - An S3 bucket.## @param s3_client [Aws::S3::Client] An initialized S3 client.# @param bucket_name [String] The bucket's name.# @return [Boolean] true if the bucket was deleted; otherwise, false.# @example# exit 1 unless bucket_deleted?(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket'# )def bucket_deleted?(s3_client, bucket_name) s3_client.delete_bucket(bucket: bucket_name) return truerescue StandardError => e puts "Error deleting bucket: #{e.message}" return falseend

# Full example call:def run_me aws_principal = 'arn:aws:iam::111111111111:user/SomeUser' new_aws_principal = 'arn:aws:iam::111111111111:user/SomeOtherUser' action = 's3:GetObject' region = 'us-east-1' s3_client = Aws::S3::Client.new(region: region) bucket_name = 'bucket-' + SecureRandom.uuid

if bucket_created?(s3_client, bucket_name) puts "Bucket '#{bucket_name}' created." else puts "Bucket '#{bucket_name}' not created. Stopping program." exit 1 end

if bucket_policy_added?(s3_client, bucket_name, aws_principal, action) puts 'Bucket policy added.' else puts 'Bucket policy not added.' end

if bucket_policy_aws_principal_updated?( s3_client, bucket_name, new_aws_principal ) puts 'Bucket policy updated with new AWS principal.' else puts 'Bucket policy not updated with new AWS principal.' end

if bucket_policy_deleted?(s3_client, bucket_name) puts 'Bucket policy (if any) deleted.' else puts 'Bucket policy (if any) not deleted.' end

if bucket_deleted?(s3_client, bucket_name)

180

Page 186: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideConfiguring an Amazon S3 Bucket for CORS

puts "Bucket '#{bucket_name}' deleted." else puts "Bucket '#{bucket_name}' not deleted. " \ 'You must delete this bucket yourself.' endend

run_me if $PROGRAM_NAME == __FILE__

Configuring an Amazon S3 Bucket for CORSThis following code example adds a cross-origin resource sharing (CORS) configuration containing asingle rule to an Amazon S3 bucket.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-s3'

# Adds a cross-origin resource sharing (CORS) configuration containing# a single rule to an Amazon S3 bucket.## Prerequisites:## - An Amazon S3 bucket.## @param s3_client [Aws::S3::Client] An initialized Amazon S3 client.# @param bucket_name [String] The name of the bucket.# @param allowed_methods [Array] The types of requests to allow, such as GET.# @param allowed_origins [Array] The origins to allow, for example# http://www.example.com.# @param allowed_headers [Array] The preflight request headers to allow, for# example x-amz-*.# @param expose_headers [Array] The headers in the response that you want# callers to be able to access from their applications, for example# Content-Type.# @param max_age_seconds [Integer] The maximum number of seconds# that your browser can cache the response for a preflight request# as identified by the resource, the HTTP method, and the origin.# @returns [Boolean] true if the CORS rule was successfully set;# otherwise, false.# @example# exit 1 unless if bucket_cors_rule_set?(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket',# %w[GET PUT POST DELETE],# %w[http://www.example.com],# %w[*],# %w[x-amz-server-side-encryption x-amz-request-id x-amz-id-2],# 3000# )def bucket_cors_rule_set?( s3_client, bucket_name, allowed_methods = %w[GET PUT POST DELETE HEAD], allowed_origins = %w[*], allowed_headers = nil, expose_headers = nil, max_age_seconds = nil) methods = [] if allowed_methods.count.zero? puts 'Error: No CORS methods provided.'

181

Page 187: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideConfiguring an Amazon S3 Bucket for CORS

return false else allowed_methods.each do |method| case method.upcase when 'GET', 'PUT', 'POST', 'DELETE', 'HEAD' methods.append(method) else puts "Error: '#{method}' is not an allowed CORS method." return false end end end s3_client.put_bucket_cors( bucket: bucket_name, cors_configuration: { cors_rules: [ { allowed_headers: allowed_headers, allowed_methods: methods, allowed_origins: allowed_origins, expose_headers: expose_headers, max_age_seconds: max_age_seconds } ] } ) return truerescue StandardError => e puts "Error setting CORS methods: #{e.message}" return falseend

# Gets the cross-origin resource sharing (CORS) rules for an Amazon S3 bucket.## Prerequisites:## - An Amazon S3 bucket.## @param s3_client [Aws::S3::Client] An initialized Amazon S3 client.# @param bucket_name [String] The name of the bucket.# @returns [Array<Aws::S3::Types::CORSRule>] The list of CORS rules.# @example# puts bucket_cors_rules(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket')def bucket_cors_rules(s3_client, bucket_name) response = s3_client.get_bucket_cors(bucket: bucket_name) response.cors_rulesrescue StandardError => e puts "Error getting CORS rules: #{e.message}"end

def run_me bucket_name = 'doc-example-bucket' allowed_methods = %w[GET PUT POST DELETE] allowed_origins = %w[http://www.example.com] allowed_headers = %w[*] expose_headers = %w[x-amz-server-side-encryption x-amz-request-id x-amz-id-2] max_age_seconds = 3000 region = 'us-east-1' s3_client = Aws::S3::Client.new(region: region)

if bucket_cors_rule_set?( s3_client, bucket_name, allowed_methods,

182

Page 188: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideManaging Amazon S3 Bucket

and Object Access Permissions

allowed_origins, allowed_headers, expose_headers, max_age_seconds ) puts 'CORS rule set. Current rules:' puts bucket_cors_rules(s3_client, bucket_name) else puts 'CORS rule not set.' endend

run_me if $PROGRAM_NAME == __FILE__

Managing Amazon S3 Bucket and Object AccessPermissionsThe following code example shows how to:

1. Set the initial access level of an Amazon S3 bucket to private.

2. Attempt to access and upload an object to the bucket, which should fail.

3. Set the access level to public-read.

4. Attempt to access and upload an object to the bucket, which should now succeed.

5. Set the access level back to private.

6. Attempt to access and upload an object to the bucket, which should now fail.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

require 'aws-sdk-s3'require 'net/http'

# Sets the access control list (ACL) for an Amazon S3 bucket# for public access.## Prerequisites:## - An Amazon S3 bucket.## @param s3_client [Aws::S3::Client] An initialized Amazon S3 client.# @param bucket_name [String] The bucket's name.# @param access_level [String] The access level for the bucket. Allowed values# include private, public-read, public-read-write, and authenticated-read.# @return [Boolean] true if the ACL was set; otherwise, false.# @example# exit 1 unless bucket_acl_set?(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket',# 'private'# )def bucket_acl_set?(s3_client, bucket_name, access_level) s3_client.put_bucket_acl( bucket: bucket_name, acl: access_level ) return truerescue StandardError => e puts "Error setting bucket ACL: #{e.message}"

183

Page 189: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideManaging Amazon S3 Bucket

and Object Access Permissions

return falseend

# Uploads an object to an Amazon S3 bucket.## Prerequisites:## - An Amazon S3 bucket.## @param s3_client [Aws::S3::Client] An initialized Amazon S3 client.# @param bucket_name [String] The bucket's name.# @param object_key [String] The name of the object.# @param object_content [String] The content to add to the object.# @return [Boolean] true if the object was uploaded; otherwise, false.# @example# exit 1 unless object_uploaded?(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket',# 'my-file.txt',# 'This is the content of my-file.txt.'# )def object_uploaded?(s3_client, bucket_name, object_key, object_content) s3_client.put_object( bucket: bucket_name, key: object_key, body: object_content ) return truerescue StandardError => e puts "Error uploading object: #{e.message}" return falseend

# Sets the access control list (ACL) for an object in an# Amazon S3 bucket for public access.## Prerequisites:## - An Amazon S3 bucket.# - An object in the bucket.## @param s3_client [Aws::S3::Client] An initialized Amazon S3 client.# @param bucket_name [String] The bucket's name.# @param object_key [String] The name of the object.# @param access_level [String] The access level for the bucket. Allowed values# include private, public-read, public-read-write, and authenticated-read.# @return [Boolean] true if the ACL was set; otherwise, false.# @example# exit 1 unless object_acl_set?(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket',# 'my-file.txt',# 'private'# )def object_acl_set?(s3_client, bucket_name, object_key, access_level) s3_client.put_object_acl( bucket: bucket_name, key: object_key, acl: access_level ) return truerescue StandardError => e puts "Error setting object ACL: #{e.message}" return falseend

184

Page 190: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideManaging Amazon S3 Bucket

and Object Access Permissions

# Prints information about the Amazon S3 bucket at the given path.## Prerequisites:## - An Amazon S3 bucket.## @param bucket_name [String] The bucket's name.# @param region [String] The AWS Region for the bucket.# @example# object_content_by_bucket_unsigned_request(# 'doc-example-bucket',# 'us-east-1'# )def object_content_by_bucket_unsigned_request(bucket_name, region) bucket_path = "https://s3.#{region}.amazonaws.com/#{bucket_name}" response = Net::HTTP.get(URI(bucket_path)) puts "Content of unsigned request to '#{bucket_path}':\n\n#{response}\n\n"end

# Prints information about the Amazon S3 object in the bucket# at the given path.## Prerequisites:## - An Amazon S3 bucket.# - An object in the bucket.## @param bucket_name [String] The bucket's name.# @param object_key [String] The name of the object in the bucket.# @param region [String] The AWS Region for the bucket.# @example# object_content_by_object_unsigned_request(# 'doc-example-bucket',# 'my-file.txt',# 'us-east-1'# )def object_content_by_object_unsigned_request(bucket_name, object_key, region) object_path = "https://s3.#{region}.amazonaws.com/#{bucket_name}/#{object_key}" response = Net::HTTP.get(URI(object_path)) puts "Content of unsigned request to '#{object_path}':\n\n#{response}\n\n"end

# Full example call:def run_me bucket_name = 'doc-example-bucket' object_key = 'my-file.txt' object_content = 'This is the content of my-file.txt.' access_level_before = 'private' access_level_after = 'public-read' region = 'us-east-1' s3_client = Aws::S3::Client.new(region: region)

# Set the initial access level of the bucket to 'private' # for public access. if bucket_acl_set?(s3_client, bucket_name, access_level_before) puts "1. Initial bucket ACL set to '#{access_level_before}' " \ "for public access.\n\n" else puts "1. Initial bucket ACL not set to '#{access_level_before}' " \ 'for public access. Stopping program.' exit 1 end

# What happens when you try to access the bucket? (It should be denied.) puts "2. After initial bucket ACL set to '#{access_level_before}' " \ "for public access, trying to access the bucket:\n\n"

185

Page 191: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideUsing a Amazon S3 Bucket to Host a Website

object_content_by_bucket_unsigned_request(bucket_name, region)

# Upload an object to the bucket. if object_uploaded?(s3_client, bucket_name, object_key, object_content) puts "3. Object uploaded to bucket.\n\n" else puts '3. Object not uploaded to bucket. Stopping program. ' \ "Note that the bucket ACL is still set to '#{access_level_before}' " \ 'for public access.' exit 1 end

# What happens when you try to access the object now? # (It should still be denied.) puts "4. After object uploaded, trying to access the object:\n\n" object_content_by_object_unsigned_request(bucket_name, object_key, region)

# Now set the initial access level of the object to 'public-read' # for public access. if object_acl_set?(s3_client, bucket_name, object_key, access_level_after) puts "5. Object ACL set to '#{access_level_after}' for public access.\n\n" else puts "5. Object ACL not set to '#{access_level_after}' for public " \ 'access. Stopping program. ' \ "Note that the bucket ACL is still set to '#{access_level_before}' " \ 'for public access.' exit 1 end

# What happens when you try to access the object now? (It should now work.) puts "6. After object ACL set to '#{access_level_after}' for public " \ "access, trying to access the object:\n\n" object_content_by_object_unsigned_request(bucket_name, object_key, region)

# Now set the access level for the object to 'private' for public access. if object_acl_set?(s3_client, bucket_name, object_key, access_level_before) puts "7. Object ACL now set to '#{access_level_before}' " \ "for public access.\n\n" else puts "7. Object ACL not set to '#{access_level_before}' " \ 'for public access. Stopping program. ' \ "Note that the bucket ACL is still set to '#{access_level_before}'." exit 1 end

# What happens when you try to access the object now? # (It should now be denied.) puts "8. After object ACL set to '#{access_level_before}' " \ "for public access, trying to access the object:\n\n" object_content_by_object_unsigned_request(bucket_name, object_key, region)

puts '9. Program ends. Note that the bucket ACL is still set to ' \ "'#{access_level_before}' for public access."end

run_me if $PROGRAM_NAME == __FILE__

Using a Amazon S3 Bucket to Host a WebsiteThe following code example shows how to configure an Amazon S3 bucket as a static website.

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.# SPDX - License - Identifier: Apache - 2.0

186

Page 192: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideUsing a Amazon S3 Bucket to Host a Website

require 'aws-sdk-s3'

# Configures an Amazon S3 bucket as a static website.## Prerequisites:## - An Amazon S3 bucket.# - A file in the bucket representing the website's home or# default page.# - A file in the bucket representing the website's error page.## @param s3_client [Aws::S3::Client] An initialized Amazon S3 client.# @param bucket_name [String] The name of the bucket.# @param index_document [String] The file name of the home or default page# of the website.# @param error_document [String] The file name of the page returned when a# website error occurs.# @return [Boolean] true if the bucket was successfully configured;# otherwise, false.# @example# exit 1 unless bucket_website_configured?(# Aws::S3::Client.new(region: 'us-east-1'),# 'doc-example-bucket',# 'index.html',# '404.html'# )def bucket_website_configured?( s3_client, bucket_name, index_document, error_document) s3_client.put_bucket_website( bucket: bucket_name, website_configuration: { index_document: { suffix: index_document }, error_document: { key: error_document } } ) return truerescue StandardError => e puts "Error configuring bucket as a static website: #{e.message}" return falseend

def run_me bucket_name = 'doc-example-bucket' index_document = 'index.html' error_document = '404.html' region = 'us-east-1' s3_client = Aws::S3::Client.new(region: region)

if bucket_website_configured?( s3_client, bucket_name, index_document, error_document ) puts 'Bucket configured as a static website.' else puts 'Bucket not configured as a static website.'

187

Page 193: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideAmazon SES Examples

endend

run_me if $PROGRAM_NAME == __FILE__

Amazon SES Examples Using the AWS SDK forRuby

Amazon Simple Email Service (Amazon SES) is an email platform that provides an easy, cost-effectiveway for you to send and receive email using your own email addresses and domains. You can use thefollowing examples to access Amazon SES using the AWS SDK for Ruby. For more information aboutAmazon SES, see the Amazon SES documentation.

Topics• Listing Valid Amazon SES Email Addresses (p. 188)• Verifying an Email Address in Amazon SES (p. 189)• Sending a Message to an Email Address in Amazon SES (p. 189)• Getting Amazon SES Statistics (p. 191)

Listing Valid Amazon SES Email AddressesThe following example demonstrates how to use the AWS SDK for Ruby to list the valid Amazon SESemail addresses.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-ses' # v2: require 'aws-sdk'

# Create client in us-west-2 regionclient = Aws::SES::Client.new(region: 'us-west-2')

# Get up to 1000 identitiesids = client.list_identities({ identity_type: "EmailAddress"})

ids.identities.each do |email| attrs = client.get_identity_verification_attributes({ identities: [email] })

status = attrs.verification_attributes[email].verification_status

# Display email addresses that have been verified if status == "Success"

188

http://www.amazonaws.cn/documentation/ses/
Page 194: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideVerifying an Email Address in Amazon SES

puts email endend

See the complete example on GitHub.

Verifying an Email Address in Amazon SESThe following example demonstrates how to use the AWS SDK for Ruby to verify an Amazon SES emailaddress.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-ses' # v2: require 'aws-sdk'

# Replace [email protected] with a "To" address.recipient = "[email protected]"

# Create a new SES resource in the us-west-2 region.# Replace us-west-2 with the AWS Region you're using for Amazon SES.ses = Aws::SES::Client.new(region: 'us-west-2')

# Try to verify email address.begin ses.verify_email_identity({ email_address: recipient })

puts 'Email sent to ' + recipient

# If something goes wrong, display an error message.rescue Aws::SES::Errors::ServiceError => error puts "Email not sent. Error message: #{error}"end

See the complete example on GitHub.

Sending a Message to an Email Address in AmazonSESThe following example demonstrates how to use the AWS SDK for Ruby to send a message to an AmazonSES email address.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at

189

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/ses/ses_list_emails.rb
https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/ses/ses_send_verification.rb
Page 195: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSending a Message to an Email Address in Amazon SES

## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-ses' # v2: require 'aws-sdk'

# Replace [email protected] with your "From" address.# This address must be verified with Amazon SES.sender = '[email protected]'

# Replace [email protected] with a "To" address. If your account# is still in the sandbox, this address must be verified.recipient = '[email protected]'

# Specify a configuration set. To use a configuration# set, uncomment the next line and line 74.# configsetname = "ConfigSet"

# The subject line for the email.subject = 'Amazon SES test (AWS SDK for Ruby)'

# The HTML body of the email.htmlbody = '<h1>Amazon SES test (AWS SDK for Ruby)</h1>'\ '<p>This email was sent with <a href="https://aws.amazon.com/ses/">'\ 'Amazon SES</a> using the <a href="https://aws.amazon.com/sdk-for-ruby/">'\ 'AWS SDK for Ruby</a>.'

# The email body for recipients with non-HTML email clients.textbody = 'This email was sent with Amazon SES using the AWS SDK for Ruby.'

# Specify the text encoding scheme.encoding = 'UTF-8'

# Create a new SES client in the us-west-2 region.# Replace us-west-2 with the AWS Region you're using for Amazon SES.ses = Aws::SES::Client.new(region: 'us-west-2')

# Try to send the email.begin # Provide the contents of the email. ses.send_email( destination: { to_addresses: [ recipient ] }, message: { body: { html: { charset: encoding, data: htmlbody }, text: { charset: encoding, data: textbody } }, subject: { charset: encoding, data: subject } },

190

Page 196: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideGetting Amazon SES Statistics

source: sender, # Uncomment the following line to use a configuration set. # configuration_set_name: configsetname, )

puts 'Email sent to ' + recipient

# If something goes wrong, display an error message.rescue Aws::SES::Errors::ServiceError => error puts "Email not sent. Error message: #{error}"end

See the complete example on GitHub.

Getting Amazon SES StatisticsThe following example demonstrates how to use the AWS SDK for Ruby to get statistics about AmazonSES. Use this information to avoid damaging your reputation when emails are bounced or rejected.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-ses' # v2: require 'aws-sdk'

# Create a new SES resource in the us-west-2 region.# Replace us-west-2 with the AWS Region you're using for Amazon SES.ses = Aws::SES::Client.new(region: 'us-west-2')

begin # Get send statistics so we don't ruin our reputation resp = ses.get_send_statistics({})

dps = resp.send_data_points

puts "Got #{dps.count} data point(s):" puts

dps.each do |dp| puts "Timestamp: #{dp.timestamp}" #=> Time puts "Attempts: #{dp.delivery_attempts}" #=> Integer puts "Bounces: #{dp.bounces}" #=> Integer puts "Complaints: #{dp.complaints}" #=> Integer puts "Rejects: #{dp.rejects}" #-> Integer puts end

# If something goes wrong, display an error message.rescue Aws::SES::Errors::ServiceError => error puts "Error: #{error}"end

See the complete example on GitHub.

191

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/ses/ses_send_email.rb
https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/ses/ses_get_statistics.rb
Page 197: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideAmazon SNS Examples

Amazon SNS Examples Using the AWS SDK forRuby

Amazon Simple Notification Service (Amazon SNS) is a web service that enables applications, endusers, and devices to instantly send and receive notifications from the cloud. You can use the followingexamples to access Amazon SNS using the AWS SDK for Ruby. For more information about Amazon SNS,see the Amazon SNS documentation.

Topics• Getting Information about All Amazon SNS Topics (p. 192)• Creating an Amazon SNS Topic (p. 192)• Getting Information about All Subscriptions in an Amazon SNS Topic (p. 193)• Creating a Subscription in an Amazon SNS Topic (p. 193)• Sending a Message to All Amazon SNS Topic Subscribers (p. 194)• Enabling a Resource to Publish to an Amazon SNS Topic (p. 194)

Getting Information about All Amazon SNS TopicsThe following example lists the ARNs of your Amazon SNS topics in the us-west-2 region.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-sns' # v2: require 'aws-sdk'

sns = Aws::SNS::Resource.new(region: 'us-west-2')

sns.topics.each do |topic| puts topic.arnend

Creating an Amazon SNS TopicThe following example creates the topic MyGroovyTopic in the us-west-2 region and displays theresulting topic ARN.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS

192

http://www.amazonaws.cn/documentation/sns/
Page 198: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideGetting Information about All

Subscriptions in an Amazon SNS Topic

# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-sns' # v2: require 'aws-sdk'

sns = Aws::SNS::Resource.new(region: 'us-west-2')

topic = sns.create_topic(name: 'MyGroovyTopic')puts topic.arn

Getting Information about All Subscriptions in anAmazon SNS TopicThe following example lists the email addresses of the Amazon SNS subscriptions for the topic with theARN arn:aws:sns:us-west-2:123456789:MyGroovyTopic in the us-west-2 region.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-sns' # v2: require 'aws-sdk'

sns = Aws::SNS::Resource.new(region: 'us-west-2')

topic = sns.topic('arn:aws:sns:us-west-2:123456789:MyGroovyTopic')

topic.subscriptions.each do |s| puts s.attributes['Endpoint']end

Creating a Subscription in an Amazon SNS TopicThe following example creates a subscription for the topic with the ARN arn:aws:sns:us-west-2:123456789:MyGroovyTopic for a user who has the email [email protected] in the us-west-2 region, and displays the resulting ARN. Initially theARN value is pending confirmation. When the user confirms their email address, this value becomes atrue ARN.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-sns' # v2: require 'aws-sdk'

193

Page 199: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSending a Message to All Amazon SNS Topic Subscribers

sns = Aws::SNS::Resource.new(region: 'us-west-2')

topic = sns.topic('arn:aws:sns:us-west-2:123456789:MyGroovyTopic')

sub = topic.subscribe({ protocol: 'email', endpoint: '[email protected]'})

puts sub.arn

Sending a Message to All Amazon SNS TopicSubscribersThe following example sends the message “Hello!” to all subscribers to the Amazon SNS topic with theARN arn:aws:sns:us-west-2:123456789:MyGroovyTopic.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-sns' # v2: require 'aws-sdk'

sns = Aws::SNS::Resource.new(region: 'us-west-2')

topic = sns.topic('arn:aws:sns:us-west-2:123456789:MyGroovyTopic')

topic.publish({ message: 'Hello!'})

Enabling a Resource to Publish to an Amazon SNSTopicThe following example enables the resource with the ARN my-resource-arn to publish to the topicwith the ARN my-topic-arn in the us-west-2 region.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

194

Page 200: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideAmazon SQS Examples

require 'aws-sdk-sns' # v2: require 'aws-sdk'

policy = '{ "Version":"2008-10-17", "Id":"__default_policy_ID", "Statement":[{ "Sid":"__default_statement_ID", "Effect":"Allow", "Principal":{ "AWS":"*" }, "Action":["SNS:Publish"], "Resource":"' + my-topic-arn + '", "Condition":{ "ArnEquals":{ "AWS:SourceArn":"' + my-resource-arn + '"} } }]}'

sns = Aws::SNS::Resource.new(region: 'us-west-2')

# Get topic by ARNtopic = sns.topic(my-topic-arn)

# Add policy to topictopic.set_attributes({ attribute_name: "Policy", attribute_value: policy})

Amazon SQS Examples Using the AWS SDK forRuby

Amazon Simple Queue Service (Amazon SQS) is a fully managed message queuing service that makes iteasy to decouple and scale microservices, distributed systems, and serverless applications. You can usethe following examples to access Amazon SQS using the AWS SDK for Ruby. For more information aboutAmazon SQS, see the Amazon SQS documentation.

Topics• Getting Information about All Queues in Amazon SQS (p. 196)• Creating a Queue in Amazon SQS (p. 196)• Working with Queues in Amazon SQS (p. 197)• Sending Messages in Amazon SQS (p. 198)• Sending and Receiving Messages in Amazon SQS (p. 199)• Receiving Messages in Amazon SQS (p. 201)• Receiving Messages Using Long Polling in Amazon SQS (p. 201)• Enabling Long Polling in Amazon SQS (p. 202)• Receiving Messages Using the QueuePoller Class in Amazon SQS (p. 204)• Redirecting Dead Letters in Amazon SQS (p. 206)• Deleting a Queue in Amazon SQS (p. 206)• Enabling a Resource to Publish to a Queue in Amazon SQS (p. 207)• Working with a Dead Letter Queue in Amazon SQS (p. 208)• Specifying the Message Visibility Timeout in Amazon SQS (p. 210)

195

http://www.amazonaws.cn/documentation/sqs/
Page 201: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideGetting Information about All Queues in Amazon SQS

Getting Information about All Queues in AmazonSQSThe following example lists the URLs, ARNs, messages available, and messages in flight of your AmazonSQS queues in the us-west-2 region.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-sqs' # v2: require 'aws-sdk'

sqs = Aws::SQS::Client.new(region: 'us-west-2')

queues = sqs.list_queues

queues.queue_urls.each do |url| puts 'URL: ' + url

# Get ARN, messages available, and messages in flight for queue req = sqs.get_queue_attributes( { queue_url: url, attribute_names: [ 'QueueArn', 'ApproximateNumberOfMessages', 'ApproximateNumberOfMessagesNotVisible' ] } )

arn = req.attributes['QueueArn'] msgs_available = req.attributes['ApproximateNumberOfMessages'] msgs_in_flight = req.attributes['ApproximateNumberOfMessagesNotVisible']

puts 'ARN: ' + arn puts 'Messages available: ' + msgs_available puts 'Messages in flight: ' + msgs_in_flight putsend

Creating a Queue in Amazon SQSThe following example creates the Amazon SQS queue named MyGroovyQueue in the us-west-2region and displays its URL.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at#

196

Page 202: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideWorking with Queues in Amazon SQS

# http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-sqs' # v2: require 'aws-sdk'

sqs = Aws::SQS::Client.new(region: 'us-west-2')

queue = sqs.create_queue(queue_name: 'MyGroovyQueue')

puts queue.queue_url

Working with Queues in Amazon SQSAmazon SQS provides highly scalable hosted queues for storing messages as they travel betweenapplications or microservices. To learn more about queues, see How Amazon SQS Queues Work.

In this example, you use the AWS SDK for Ruby with Amazon SQS to:

1. Get a list of your queues by using Aws::SQS::Client#list_queues.2. Create a queue by using Aws::SQS::Client#create_queue.3. Get the queue’s URL by using Aws::SQS::Client#get_queue_url.4. Delete the queue by using Aws::SQS::Client#delete_queue.

PrerequisitesBefore running the example code, you need to install and configure the AWS SDK for Ruby, as describedin:

• Installing the AWS SDK for Ruby (p. 4)• Configuring the AWS SDK for Ruby (p. 8)

Example

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

# Demonstrates how to:# 1. Get a list of your queues.# 2. Create a queue.# 3. Get the queue's URL.# 4. Delete the queue.

require 'aws-sdk-sqs' # v2: require 'aws-sdk'

sqs = Aws::SQS::Client.new(region: 'us-east-1')

197

https://docs.amazonaws.cn/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-how-it-works.html
https://docs.amazonaws.cn/sdkforruby/api/Aws/SQS/Client.html#list_queues-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/SQS/Client.html#create_queue-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/SQS/Client.html#get_queue_url-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/SQS/Client.html#delete_queue-instance_method
Page 203: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSending Messages in Amazon SQS

# Get a list of your queues.sqs.list_queues.queue_urls.each do |queue_url| puts queue_urlend

# Create a queue.queue_name = "my-queue"

begin sqs.create_queue({ queue_name: queue_name, attributes: { "DelaySeconds" => "60", # Delay message delivery for 1 minute (60 seconds). "MessageRetentionPeriod" => "86400" # Delete message after 1 day (24 hours * 60 minutes * 60 seconds). } })rescue Aws::SQS::Errors::QueueDeletedRecently puts "A queue with the name '#{queue_name}' was recently deleted. Wait at least 60 seconds and try again." exit(false)end

# Get the queue's URL.queue_url = sqs.get_queue_url(queue_name: queue_name).queue_urlputs queue_url

# Delete the queue.sqs.delete_queue(queue_url: queue_url)

Sending Messages in Amazon SQSThe following example sends the message “Hello world” through the Amazon SQS queue with the URLURL in the us-west-2 region.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-sqs' # v2: require 'aws-sdk'

sqs = Aws::SQS::Client.new(region: 'us-west-2')

sqs.send_message(queue_url: URL, message_body: 'Hello world')

The following example sends the messages “Hello world” and “How is the weather?” through theAmazon SQS queue with the URL URL in the us-west-2 region.

NoteIf your queue is a FIFO queue, you must include a message_group_id parameter in addition tothe id and message_body parameters.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.

198

Page 204: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSending and Receiving Messages in Amazon SQS

## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-sqs' # v2: require 'aws-sdk'

sqs = Aws::SQS::Client.new(region: 'us-west-2')

sqs.send_message_batch({ queue_url: URL, entries: [ { id: 'msg1', message_body: 'Hello world' }, { id: 'msg2', message_body: 'How is the weather?' } ],})

Sending and Receiving Messages in Amazon SQSAfter you create a queue in Amazon SQS, you can send a message to it and then consume it. To learnmore, see Tutorial: Sending a Message to an Amazon SQS Queue and Tutorial: Receiving and Deleting aMessage from an Amazon SQS Queue.

In this example, you use the AWS SDK for Ruby with Amazon SQS to:

1. Send a message to a queue by using Aws::SQS::Client#send_message.

NoteIf your queue is a FIFO queue, you must include a message_group_id parameter in addition tothe id and message_body parameters.

1. Receive the message in the queue by using Aws::SQS::Client#receive_message.

2. Display information about the message.

3. Delete the message from the queue by using Aws::SQS::Client#delete_message.

Prerequisites

Before running the example code, you need to install and configure the AWS SDK for Ruby, as describedin:

• Installing the AWS SDK for Ruby (p. 4)

• Configuring the AWS SDK for Ruby (p. 8)

You also need to create the queue my-queue, which you can do in the Amazon SQS console.

199

https://docs.amazonaws.cn/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-send-message.html
https://docs.amazonaws.cn/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-receive-delete-message.html
https://docs.amazonaws.cn/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-receive-delete-message.html
https://docs.amazonaws.cn/sdkforruby/api/Aws/SQS/Client.html#send_message-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/SQS/Client.html#receive_message-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/SQS/Client.html#delete_message-instance_method
Page 205: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSending and Receiving Messages in Amazon SQS

Example

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

# Demonstrates how to:# 1. Send a message to a queue.# 2. Receive the message in the queue.# 3. Display information about the message.# 4. Delete the message from the queue.

require 'aws-sdk-sqs' # v2: require 'aws-sdk'

sqs = Aws::SQS::Client.new(region: 'us-east-1')

# Send a message to a queue.queue_name = "my-queue"

begin queue_url = sqs.get_queue_url(queue_name: queue_name).queue_url

# Create a message with three custom attributes: Title, Author, and WeeksOn. send_message_result = sqs.send_message({ queue_url: queue_url, message_body: "Information about current NY Times fiction bestseller for week of 2016-12-11.", message_attributes: { "Title" => { string_value: "The Whistler", data_type: "String" }, "Author" => { string_value: "John Grisham", data_type: "String" }, "WeeksOn" => { string_value: "6", data_type: "Number" } } })rescue Aws::SQS::Errors::NonExistentQueue puts "A queue named '#{queue_name}' does not exist." exit(false)end

puts send_message_result.message_id

# Receive the message in the queue.receive_message_result = sqs.receive_message({ queue_url: queue_url, message_attribute_names: ["All"], # Receive all custom attributes. max_number_of_messages: 1, # Receive at most one message. wait_time_seconds: 0 # Do not wait to check for the message.})

200

Page 206: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideReceiving Messages in Amazon SQS

# Display information about the message.# Display the message's body and each custom attribute value.receive_message_result.messages.each do |message| puts message.body puts "Title: #{message.message_attributes["Title"]["string_value"]}" puts "Author: #{message.message_attributes["Author"]["string_value"]}" puts "WeeksOn: #{message.message_attributes["WeeksOn"]["string_value"]}"

# Delete the message from the queue. sqs.delete_message({ queue_url: queue_url, receipt_handle: message.receipt_handle })end

Receiving Messages in Amazon SQSThe following example displays the body of up to 10 messages in the Amazon SQS queue with the URLURL in the us-west-2 region.

Notereceive_message does not guarantee to get all messages (see Properties of DistributedQueues), and by default does not delete the message.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-sqs' # v2: require 'aws-sdk'

sqs = Aws::SQS::Client.new(region: 'us-west-2')

resp = sqs.receive_message(queue_url: URL, max_number_of_messages: 10)

resp.messages.each do |m| puts m.bodyend

Receiving Messages Using Long Polling in AmazonSQSThe following example waits up to 10 seconds to display the bodies of up to 10 messages in the AmazonSQS queue with the URL URL in the us-west-2 region.

If you do not specify a wait time, the default value is 0 (Amazon SQS does not wait).

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the

201

https://docs.amazonaws.cn/AWSSimpleQueueService/latest/SQSDeveloperGuide/DistributedQueues.html
https://docs.amazonaws.cn/AWSSimpleQueueService/latest/SQSDeveloperGuide/DistributedQueues.html
Page 207: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideEnabling Long Polling in Amazon SQS

# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-sqs' # v2: require 'aws-sdk'

sqs = Aws::SQS::Client.new(region: 'us-west-2')

resp = sqs.receive_message(queue_url: URL, max_number_of_messages: 10, wait_time_seconds: 10)

resp.messages.each do |m| puts m.bodyend

Enabling Long Polling in Amazon SQSLong polling helps lower your cost of using Amazon SQS by reducing the number of empty responsesand eliminating false empty responses. For more information about long polling, see Amazon SQS LongPolling.

In this example, you use the AWS SDK for Ruby with Amazon SQS to:

1. Create a queue and set it for long polling by using Aws::SQS::Client#create_queue.

2. Set long polling for an existing queue by using Aws::SQS::Client#set_queue_attributes.

3. Set long polling when receiving messages for a queue by using Aws::SQS::Client#receive_message.

Prerequisites

Before running the example code, you need to install and configure the AWS SDK for Ruby, as describedin:

• Installing the AWS SDK for Ruby (p. 4)

• Configuring the AWS SDK for Ruby (p. 8)

You also need to create the queues existing-queue and receive-queue, which you can do in the AmazonSQS console.

Example

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

202

https://docs.amazonaws.cn/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-long-polling.html
https://docs.amazonaws.cn/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-long-polling.html
https://docs.amazonaws.cn/sdkforruby/api/Aws/SQS/Client.html#create_queue-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/SQS/Client.html#set_queue_attributes-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/SQS/Client.html#receive_message-instance_method
Page 208: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideEnabling Long Polling in Amazon SQS

# Demonstrates how to:# 1. Create a queue and set it for long polling.# 2. Set long polling for an existing queue.# 3. Set long polling when receiving messages for a queue.

require 'aws-sdk-sqs' # v2: require 'aws-sdk'

sqs = Aws::SQS::Client.new(region: 'us-east-1')

# Create a queue and set it for long polling.new_queue_name = "new-queue"

create_queue_result = sqs.create_queue({ queue_name: new_queue_name, attributes: { "ReceiveMessageWaitTimeSeconds" => "20" # Wait 20 seconds to receive messages. },}) puts create_queue_result.queue_url

# Set long polling for an existing queue.begin existing_queue_name = "existing-queue" existing_queue_url = sqs.get_queue_url(queue_name: existing_queue_name).queue_url

sqs.set_queue_attributes({ queue_url: existing_queue_url, attributes: { "ReceiveMessageWaitTimeSeconds" => "20" # Wait 20 seconds to receive messages. }, })rescue Aws::SQS::Errors::NonExistentQueue puts "Cannot set long polling for a queue named '#{existing_queue_name}', as it does not exist."end

# Set long polling when receiving messages for a queue.

# 1. Using receive_message.begin receive_queue_name = "receive-queue" receive_queue_url = sqs.get_queue_url(queue_name: receive_queue_name).queue_url

puts "Begin receipt of any messages using receive_message..." receive_message_result = sqs.receive_message({ queue_url: receive_queue_url, attribute_names: ["All"], # Receive all available built-in message attributes. message_attribute_names: ["All"], # Receive any custom message attributes. max_number_of_messages: 10 # Receive up to 10 messages, if there are that many. })

puts "Received #{receive_message_result.messages.count} message(s)."rescue Aws::SQS::Errors::NonExistentQueue puts "Cannot receive messages using receive_message for a queue named '#{receive_queue_name}', as it does not exist."end

# 2. Using Aws::SQS::QueuePoller.begin puts "Begin receipt of any messages using Aws::SQS::QueuePoller..." puts "(Will keep polling until no more messages available for at least 60 seconds.)" poller = Aws::SQS::QueuePoller.new(receive_queue_url)

poller_stats = poller.poll({ max_number_of_messages: 10,

203

Page 209: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideReceiving Messages Using the

QueuePoller Class in Amazon SQS

idle_timeout: 60 # Stop polling after 60 seconds of no more messages available (polls indefinitely by default). }) do |messages| messages.each do |message| puts "Message body: #{message.body}" end end # Note: If poller.poll is successful, all received messages are automatically deleted from the queue.

puts "Poller stats:" puts " Polling started at: #{poller_stats.polling_started_at}" puts " Polling stopped at: #{poller_stats.polling_stopped_at}" puts " Last message received at: #{poller_stats.last_message_received_at}" puts " Number of polling requests: #{poller_stats.request_count}" puts " Number of received messages: #{poller_stats.received_message_count}"rescue Aws::SQS::Errors::NonExistentQueue puts "Cannot receive messages using Aws::SQS::QueuePoller for a queue named '#{receive_queue_name}', as it does not exist."end

Receiving Messages Using the QueuePoller Class inAmazon SQSThe following example uses the QueuePoller utility class to display the body of all messages inthe Amazon SQS queue with the URL URL in the us-west-2 region, and deletes the message. Afterapproximately 15 seconds of inactivity, the script times out.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-sqs' # v2: require 'aws-sdk'

Aws.config.update({region: 'us-west-2'})

poller = Aws::SQS::QueuePoller.new(URL)

poller.poll(idle_timeout: 15) do |msg| puts msg.bodyend

The following example loops through the Amazon SQS queue with the URL URL, and waits up toduration seconds.

You can get the correct URL by executing the Amazon SQS example in Getting Information about AllQueues in Amazon SQS (p. 196).

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the

204

Page 210: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideReceiving Messages Using the

QueuePoller Class in Amazon SQS

# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-sqs' # v2: require 'aws-sdk'

Aws.config.update({region: 'us-west-2'})

poller = Aws::SQS::QueuePoller.new(URL)

poller.poll(wait_time_seconds: duration, idle_timeout: duration + 1) do |msg| puts msg.bodyend

The following example loops through the Amazon SQS queue with the URL URL, and gives you up to thevisibility timeout seconds to process the message, represented by the method do_something.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-sqs' # v2: require 'aws-sdk'

# Process the messagedef do_something(msg) puts msg.bodyend

Aws.config.update({region: 'us-west-2'})

poller = Aws::SQS::QueuePoller.new(URL)

poller.poll(visibility_timeout: timeout, idle_timeout: timeout + 1) do |msg| do_something(msg)end

The following example loops through the Amazon SQS queue with the URL URL, and changesthe visibility timeout seconds, for any message that needs additional processing by the methoddo_something2.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

205

Page 211: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideRedirecting Dead Letters in Amazon SQS

require 'aws-sdk-sqs' # v2: require 'aws-sdk'

# Process the messagedef do_something(_) trueend

# Do additional processingdef do_something2(msg) puts msg.bodyend

Aws.config.update({region: 'us-west-2'})

poller = Aws::SQS::QueuePoller.new(URL)

poller.poll(idle_timeout: timeout + 1) do |msg| if do_something(msg) # need more time for processing poller.change_message_visibility_timeout(msg, timeout)

do_something2(msg) endend

Redirecting Dead Letters in Amazon SQSThe following example redirects any dead letters from the queue with the URL URL to the queue with theARN ARN.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-sqs' # v2: require 'aws-sdk'

sqs = Aws::SQS::Client.new(region: 'us-west-2')

sqs.set_queue_attributes({ queue_url: URL, attributes: { 'RedrivePolicy' => "{\"maxReceiveCount\":\"5\", \"deadLetterTargetArn\":\"#{ARN}\"}" }})

Deleting a Queue in Amazon SQSThe following example deletes the Amazon SQS queue with the URL URL in the us-west-2 region.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.

206

Page 212: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideEnabling a Resource to Publish to a Queue in Amazon SQS

## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-sqs' # v2: require 'aws-sdk'

sqs = Aws::SQS::Client.new(region: 'us-west-2')

sqs.delete_queue(queue_url: URL)

Enabling a Resource to Publish to a Queue in AmazonSQSThe following example enables the resource with the ARN my-resource-arn to publish to the queuewith the ARN my-queue-arn and URL my-queue-url in the us-west-2 region.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-sqs' # v2: require 'aws-sdk'

sqs = Aws::SQS::Client.new(region: 'us-west-2')

policy = '{ "Version":"2008-10-17", "Id":' + my-queue-arn + '/SQSDefaultPolicy", "Statement":[{ "Sid":"__default_statement_ID", "Effect":"Allow", "Principal":{ "AWS":"*" }, "Action":["SQS:SendMessage"], "Resource":"' + my-queue-arn + '", "Condition":{ "ArnEquals":{ "AWS:SourceArn":"' + my-resource-arn + '"} } }]}'

sqs.set_queue_attributes({ queue_url: my-queue-url, attributes: { Policy: policy }

207

Page 213: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideWorking with a Dead Letter Queue in Amazon SQS

})

Working with a Dead Letter Queue in Amazon SQSAmazon SQS provides support for dead letter queues. A dead letter queue is a queue that other (source)queues can target for messages that can’t be processed successfully. You can set aside and isolatethese messages in the dead letter queue to determine why their processing didn’t succeed. For moreinformation about dead letter queues, see Using Amazon SQS Dead Letter Queues.

In this example, you use the AWS SDK for Ruby with Amazon SQS to:

1. Create a queue that represents a dead letter queue by using Aws::SQS::Client#create_queue.

2. Associate the dead letter queue with an existing queue by usingAws::SQS::Client#set_queue_attributes.

3. Send a message to the existing queue by using Aws::SQS::Client#send_message.

4. Poll the queue by using Aws::SQS::QueuePoller.

5. Receive messages in the dead letter queue by using Aws::SQS::Client#receive_message.

PrerequisitesBefore running the example code, you need to install and configure the AWS SDK for Ruby, as describedin:

• Installing the AWS SDK for Ruby (p. 4)

• Configuring the AWS SDK for Ruby (p. 8)

You also need to use the AWS Management Console to create the existing queue, my-queue.

NoteFor the sake of simplicity, this example code doesn’t demonstrateAws::SQS::Client#add_permission. In a real-world scenario, you should always restrict access toactions such as SendMessage, ReceiveMessage, DeleteMessage, and DeleteQueue. Not doing socould cause information disclosure, denial of service, or injection of messages into your queues.

Example

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

# Demonstrates how to:# 1. Create a queue representing a dead letter queue.# 2. Associate the dead letter queue with an existing queue.

require 'aws-sdk-sqs' # v2: require 'aws-sdk'

# Uncomment for Windows.

208

https://docs.amazonaws.cn/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letter-queues.html
https://docs.amazonaws.cn/sdkforruby/api/Aws/SQS/Client.html#create_queue-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/SQS/Client.html#set_queue_attributes-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/SQS/Client.html#send_message-instance_method
https://docs.amazonaws.cn/sdk-for-ruby/v3/api/Aws/SQS/QueuePoller.html
https://docs.amazonaws.cn/sdkforruby/api/Aws/SQS/Client.html#receive_message-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/SQS/Client.html#add_permission-instance_method
Page 214: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideWorking with a Dead Letter Queue in Amazon SQS

# Aws.use_bundled_cert!

sqs = Aws::SQS::Client.new(region: 'us-east-1')

# Create a queue representing a dead letter queue.dead_letter_queue_name = "dead-letter-queue"

sqs.create_queue({ queue_name: dead_letter_queue_name})

# Get the dead letter queue's URL and ARN, so that you can associate it with an existing queue.dead_letter_queue_url = sqs.get_queue_url(queue_name: dead_letter_queue_name).queue_url

dead_letter_queue_arn = sqs.get_queue_attributes({ queue_url: dead_letter_queue_url, attribute_names: ["QueueArn"]}).attributes["QueueArn"]

# Associate the dead letter queue with an existing queue.begin queue_name = "my-queue" queue_url = sqs.get_queue_url(queue_name: queue_name).queue_url

# Use a redrive policy to specify the dead letter queue and its behavior. redrive_policy = { "maxReceiveCount" => "5", # After the queue receives the same message 5 times, send that message to the dead letter queue. "deadLetterTargetArn" => dead_letter_queue_arn }.to_json

sqs.set_queue_attributes({ queue_url: queue_url, attributes: { "RedrivePolicy" => redrive_policy } })

rescue Aws::SQS::Errors::NonExistentQueue puts "A queue named '#{queue_name}' does not exist." exit(false)end

# Send a message to the queue.puts "Sending a message..."

sqs.send_message({ queue_url: queue_url, message_body: "I hope I get moved to the dead letter queue."})

30.downto(0) do |i| print "\rWaiting #{i} second(s) for sent message to be receivable..." sleep(1)end

puts "\n"

poller = Aws::SQS::QueuePoller.new(queue_url)# Receive 5 messages max and stop polling after 20 seconds of no received messages.poller.poll(max_number_of_messages:5, idle_timeout: 20) do |messages| messages.each do |msg| puts "Received message ID: #{msg.message_id}" endend

209

Page 215: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideSpecifying the Message Visibility Timeout in Amazon SQS

# Check to see if Amazon SQS moved the message to the dead letter queue.receive_message_result = sqs.receive_message({ queue_url: dead_letter_queue_url, max_number_of_messages: 1})

if receive_message_result.messages.count > 0 puts "\n#{receive_message_result.messages[0].body}"else puts "\nNo messages received."end

Specifying the Message Visibility Timeout in AmazonSQSIn Amazon SQS, immediately after a message is received, it remains in the queue. To prevent otherconsumers from processing the message again, Amazon SQS sets a visibility timeout. This is a period oftime during which Amazon SQS prevents other consuming components from receiving and processingthe message. To learn more, see Visibility Timeout.

In this example, you use the AWS SDK for Ruby with Amazon SQS to:

1. Get the URL of an existing queue by using Aws::SQS::Client#get_queue_url.

2. Receive up to 10 messages by using Aws::SQS::Client#receive_message.

3. Specify the time interval during which messages are not visible after they are received, by usingAws::SQS::Client#change_message_visibility.

PrerequisitesBefore running the example code, you need to install and configure the AWS SDK for Ruby, as describedin:

• Installing the AWS SDK for Ruby (p. 4)

• Configuring the AWS SDK for Ruby (p. 8)

You also need to create the queue my-queue, which you can do in the Amazon SQS console.

Example

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

# Demonstrates how to specify the time interval during which messages to a queue are not visible after being received.

210

https://docs.amazonaws.cn/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-visibility-timeout.html
https://docs.amazonaws.cn/sdkforruby/api/Aws/SQS/Client.html#get_queue_url-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/SQS/Client.html#receive_message-instance_method
https://docs.amazonaws.cn/sdkforruby/api/Aws/SQS/Client.html#change_message_visibility-instance_method
Page 216: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideAmazon WorkDocs Examples

require 'aws-sdk-sqs' # v2: require 'aws-sdk'

sqs = Aws::SQS::Client.new(region: 'us-east-1')

begin queue_name = "my-queue" queue_url = sqs.get_queue_url(queue_name: queue_name).queue_url

receive_message_result_before = sqs.receive_message({ queue_url: queue_url, max_number_of_messages: 10 # Receive up to 10 messages, if there are that many. })

puts "Before attempting to change message visibility timeout: received #{receive_message_result_before.messages.count} message(s)."

receive_message_result_before.messages.each do |message| sqs.change_message_visibility({ queue_url: queue_url, receipt_handle: message.receipt_handle, visibility_timeout: 30 # This message will not be visible for 30 seconds after first receipt. }) end

# Try to retrieve the original messages after setting their visibility timeout. receive_message_result_after = sqs.receive_message({ queue_url: queue_url, max_number_of_messages: 10 })

puts "\nAfter attempting to change message visibility timeout: received #{receive_message_result_after.messages.count} message(s)."

rescue Aws::SQS::Errors::NonExistentQueue puts "Cannot receive messages for a queue named '#{receive_queue_name}', as it does not exist."end

Amazon WorkDocs ExamplesYou can use the following examples to access Amazon WorkDocs (Amazon WorkDocs) using the AWS SDKfor Ruby. For more information about Amazon WorkDocs, see the Amazon WorkDocs documentation.

You need your organization ID to use these examples. Get you organization ID from the AWS consoleusing the following steps:

• Select the AWS Directory Service• Select Directories

The organization ID is the Directory ID corresponding to your Amazon WorkDocs site.

Examples

Topics• Listing Users (p. 212)• Listing User Docs (p. 212)

211

http://www.amazonaws.cn/documentation/workdocs/
Page 217: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideListing Users

Listing UsersThe following example lists the names, email addresses, and root folders of all users in the organization.Choose Copy to save the code locally, or see the link to the complete example at the end of this topic.

1. Require the AWS SDK for Ruby module and create a Amazon WorkDocs client.

2. Call describe_users with your organization ID, and get all of the user names in ascending order.

1. Display the information about the users.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-workdocs' # v2: require 'aws-sdk'

client = Aws::WorkDocs::Client.new(region: 'us-west-2')

# Set to the OrganizationId of your WorkDocs siteorgId = 'd-123456789c'

resp = client.describe_users({ organization_id: orgId, include: "ALL", # accepts ALL, ACTIVE_PENDING order: "ASCENDING", # accepts ASCENDING, DESCENDING sort: "USER_NAME", # accepts USER_NAME, FULL_NAME, STORAGE_LIMIT, USER_STATUS, STORAGE_USED})

resp.users.each do |user| puts "First name: #{user.given_name}" puts "Last name: #{user.surname}" puts "Email: #{user.email_address}" puts "Root folder: #{user.root_folder_id}" putsend

See the complete example on GitHub.

Listing User DocsThe following example lists the documents for a user. Choose Copy to save the code locally, or see thelink to the complete example at the end of this topic.

1. Require the AWS SDK for Ruby module.

2. Create a helper method to get the root folder of a user.

3. Create a Amazon WorkDocs client.

4. Get the root folder for that user.

212

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/workdocs/wd_list_users.rb
Page 218: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideListing User Docs

5. Call describe_folder_contents to get the contents of the folder in ascending order.

6. Display the name, size (in bytes), last modified date, document ID and version ID for each document inthe user’s root folder.

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.## This file is licensed under the Apache License, Version 2.0 (the "License").# You may not use this file except in compliance with the License. A copy of the# License is located at## http://aws.amazon.com/apache2.0/## This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS# OF ANY KIND, either express or implied. See the License for the specific# language governing permissions and limitations under the License.

require 'aws-sdk-workdocs' # v2: require 'aws-sdk'

def get_user_folder(client, orgId, user_email) root_folder = ''

resp = client.describe_users({ organization_id: orgId, })

# resp.users should have only one entry resp.users.each do |user| if user.email_address == user_email root_folder = user.root_folder_id end end

return root_folderend

client = Aws::WorkDocs::Client.new(region: 'us-west-2')

# Set to the email address of a useruser_email = 'someone@somewhere'

# Set to the OrganizationId of your WorkDocs site.orgId = 'd-123456789c'

user_folder = get_user_folder(client, orgId, user_email)

if user_folder == '' puts 'Could not get root folder for user with email address ' + user_email exit(1)end

resp = client.describe_folder_contents({ folder_id: user_folder, # required sort: "NAME", # accepts DATE, NAME order: "ASCENDING", # accepts ASCENDING, DESCENDING})

resp.documents.each do |doc| md = doc.latest_version_metadata

puts "Name: #{md.name}" puts "Size (bytes): #{md.size}" puts "Last modified: #{doc.modified_timestamp}" puts "Doc ID: #{doc.id}" puts "Version ID: #{md.id}"

213

Page 219: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideListing User Docs

putsend

See the complete example on GitHub.

214

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/workdocs/wd_list_user_docs.rb
Page 220: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideAmazon EC2 Tips and Tricks

AWS SDK for Ruby Tips and TricksThis section provides tips and tricks on using the AWS SDK for Ruby with AWS services.

Topics• Amazon EC2 Tips and Tricks (p. 215)

Amazon EC2 Tips and TricksThis section provides some tips to help you use the AWS SDK for Ruby with Amazon Elastic ComputeCloud (Amazon EC2) services. For more information about Amazon EC2, see the Amazon EC2 GettingStarted Guide.

Switching Elastic IPsThe following example associates the Elastic IP address with the instance represented by i-12345678.

ec2 = Aws::EC2::Client.new

resp = ec2.allocate_addressec2.associate_address(instance_id:"i-12345678", allocation_id: resp.allocation_id)

215

https://docs.amazonaws.cn/AWSEC2/latest/GettingStartedGuide/
https://docs.amazonaws.cn/AWSEC2/latest/GettingStartedGuide/
Page 221: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideData Protection

Security for this AWS Product orService

Cloud security at Amazon Web Services (AWS) is the highest priority. As an AWS customer, you benefitfrom a data center and network architecture that is built to meet the requirements of the mostsecurity-sensitive organizations. Security is a shared responsibility between AWS and you. The SharedResponsibility Model describes this as Security of the Cloud and Security in the Cloud.

Security of the Cloud– AWS is responsible for protecting the infrastructure that runs all of the servicesoffered in the AWS Cloud and providing you with services that you can use securely. Our securityresponsibility is the highest priority at AWS, and the effectiveness of our security is regularly tested andverified by third-party auditors as part of the AWS Compliance Programs.

Security in the Cloud– Your responsibility is determined by the AWS service you are using, and otherfactors including the sensitivity of your data, your organization’s requirements, and applicable laws andregulations.

Topics• Data Protection in this AWS Product or Service (p. 216)• Identity and Access Management for this AWS Product or Service (p. 217)• Compliance Validation for this AWS Product or Service (p. 217)• Resilience for this AWS Product or Service (p. 218)• Infrastructure Security for this AWS Product or Service (p. 218)• Using TLS 1.2 in this AWS Product or Service (p. 218)• Amazon S3 Encryption Client Migration (p. 219)

Data Protection in this AWS Product or ServiceThe shared responsibility model applies to data protection in this AWS product or service. As describedin this model, AWS is responsible for protecting the global infrastructure that runs all of the AWS Cloud.You are responsible for maintaining control over your content that is hosted on this infrastructure. Thiscontent includes the security configuration and management tasks for the AWS services that you use. Formore information about data privacy, see the Data Privacy FAQ. For information about data protection inEurope, see the AWS Shared Responsibility Model and GDPR blog post on the AWS Security Blog.

For data protection purposes, we recommend that you protect AWS account credentials and set upindividual user accounts with AWS Identity and Access Management (IAM). That way each user is givenonly the permissions necessary to fulfill their job duties. We also recommend that you secure your datain the following ways:

• Use multi-factor authentication (MFA) with each account.• Use SSL/TLS to communicate with AWS resources. We recommend TLS 1.2 or later.• Set up API and user activity logging with AWS CloudTrail.• Use AWS encryption solutions, with all default security controls within AWS services.• Use advanced managed security services such as Amazon Macie, which assists in discovering and

securing personal data that is stored in Amazon S3.

216

http://www.amazonaws.cn/compliance/shared-responsibility-model/
http://www.amazonaws.cn/compliance/shared-responsibility-model/
http://www.amazonaws.cn/compliance/programs/
http://www.amazonaws.cn/compliance/shared-responsibility-model
http://www.amazonaws.cn/compliance/data-privacy-faq
http://amazonaws-china.com/blogs/security/the-aws-shared-responsibility-model-and-gdpr
Page 222: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideIdentity and Access Management

• If you require FIPS 140-2 validated cryptographic modules when accessing AWS through a commandline interface or an API, use a FIPS endpoint. For more information about the available FIPS endpoints,see Federal Information Processing Standard (FIPS) 140-2.

We strongly recommend that you never put sensitive identifying information, such as your customers’account numbers, into free-form fields such as a Name field. This includes when you work with thisAWS product or service or other AWS services using the console, API, AWS CLI, or AWS SDKs. Any datathat you enter into this AWS product or service or other services might get picked up for inclusion indiagnostic logs. When you provide a URL to an external server, don’t include credentials information inthe URL to validate your request to that server.

Identity and Access Management for this AWSProduct or Service

AWS Identity and Access Management (IAM) is an Amazon Web Services (AWS) service that helpsan administrator securely control access to AWS resources. IAM administrators control who can beauthenticated (signed in) and authorized (have permissions) to use resources AWS services. IAM is an AWSservice that you can use with no additional charge.

To use this AWS product or service to access AWS, you need an AWS account and AWS credentials. Toincrease the security of your AWS account, we recommend that you use an IAM user to provide accesscredentials instead of using your AWS account credentials.

For details about working with IAM, see IAM.

For an overview of IAM users and why they are important for the security of your account, see AWSSecurity Credentials in the Amazon Web Services General Reference.

This AWS product or service follows the shared responsibility model through the specific Amazon WebServices (AWS) services it supports. For AWS service security information, see the AWS service securitydocumentation page and AWS services that are in scope of AWS compliance efforts by complianceprogram.

Compliance Validation for this AWS Product orService

This AWS product or service follows the shared responsibility model through the specific Amazon WebServices (AWS) services it supports. For AWS service security information, see the AWS service securitydocumentation page and AWS services that are in scope of AWS compliance efforts by complianceprogram.

The security and compliance of Amazon Web Services (AWS) services is assessed by third-party auditorsas part of multiple AWS compliance programs. These include SOC, PCI, FedRAMP, HIPAA, and others.AWS provides a frequently updated list of AWS services in scope of specific compliance programs at AWSServices in Scope by Compliance Program.

Third-party audit reports are available for you to download using AWS Artifact. For more information,see Downloading Reports in AWS Artifact.

For more information about AWS compliance programs, see AWS Compliance Programs.

217

http://www.amazonaws.cn/compliance/fips
http://www.amazonaws.cn/iam/
https://docs.amazonaws.cn/general/latest/gr/aws-security-credentials.html
https://docs.amazonaws.cn/general/latest/gr/aws-security-credentials.html
https://docs.amazonaws.cn/general/latest/gr/
http://www.amazonaws.cn/compliance/shared-responsibility-model
http://www.amazonaws.cn/security/?id=docs_gateway#aws-security
http://www.amazonaws.cn/security/?id=docs_gateway#aws-security
http://www.amazonaws.cn/compliance/services-in-scope/
http://www.amazonaws.cn/compliance/services-in-scope/
http://www.amazonaws.cn/compliance/shared-responsibility-model
http://www.amazonaws.cn/security/?id=docs_gateway#aws-security
http://www.amazonaws.cn/security/?id=docs_gateway#aws-security
http://www.amazonaws.cn/compliance/services-in-scope/
http://www.amazonaws.cn/compliance/services-in-scope/
http://www.amazonaws.cn/compliance/services-in-scope/
http://www.amazonaws.cn/compliance/services-in-scope/
https://docs.amazonaws.cn/artifact/latest/ug/downloading-documents.html
http://www.amazonaws.cn/compliance/programs/
Page 223: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideResilience

Your compliance responsibility when using this AWS product or service to access an AWS service isdetermined by the sensitivity of your data, your organization’s compliance objectives, and applicablelaws and regulations. If your use of an AWS service is subject to compliance with standards such asHIPAA, PCI, or FedRAMP, AWS provides resources to help:

• Security and Compliance Quick Start Guides– Deployment guides that discuss architecturalconsiderations and provide steps for deploying security-focused and compliance-focused baselineenvironments on AWS.

• Architecting for HIPAA Security and Compliance Whitepaper– A whitepaper that describes howcompanies can use AWS to create HIPAA-compliant applications.

• AWS Compliance Resources– A collection of workbooks and guides that might apply to your industryand location.

• AWS Config– A service that assesses how well your resource configurations comply with internalpractices, industry guidelines, and regulations.

• AWS Security Hub– A comprehensive view of your security state within AWS that helps you check yourcompliance with security industry standards and best practices.

Resilience for this AWS Product or ServiceThe Amazon Web Services (AWS) global infrastructure is built around AWS Regions and AvailabilityZones.

AWS Regions provide multiple physically separated and isolated Availability Zones, which are connectedwith low-latency, high-throughput, and highly redundant networking.

With Availability Zones, you can design and operate applications and databases that automatically failover between Availability Zones without interruption. Availability Zones are more highly available, faulttolerant, and scalable than traditional single or multiple data center infrastructures.

For more information about AWS Regions and Availability Zones, see AWS Global Infrastructure.

This AWS product or service follows the shared responsibility model through the specific Amazon WebServices (AWS) services it supports. For AWS service security information, see the AWS service securitydocumentation page and AWS services that are in scope of AWS compliance efforts by complianceprogram.

Infrastructure Security for this AWS Product orService

This AWS product or service follows the shared responsibility model through the specific Amazon WebServices (AWS) services it supports. For AWS service security information, see the AWS service securitydocumentation page and AWS services that are in scope of AWS compliance efforts by complianceprogram.

For information about AWS security processes, see the AWS: Overview of Security Processes whitepaper.

Using TLS 1.2 in this AWS Product or ServiceCommunication between the AWS SDK for Ruby and AWS is secured using Secure Sockets Layer(SSL) or Transport Layer Security (TLS). All versions of SSL, and versions of TLS earlier than 1.2, have

218

http://www.amazonaws.cn/quickstart/?quickstart-all.sort-by=item.additionalFields.updateDate&amp;quickstart-all.sort-order=desc&amp;awsf.quickstart-homepage-filter=categories%23security-identity-compliance
https://d0.awsstatic.com/whitepapers/compliance/AWS_HIPAA_Compliance_Whitepaper.pdf
http://www.amazonaws.cn/compliance/resources/
http://www.amazonaws.cn/config/
http://www.amazonaws.cn/security-hub
http://www.amazonaws.cn/about-aws/global-infrastructure/
http://www.amazonaws.cn/compliance/shared-responsibility-model
http://www.amazonaws.cn/security/?id=docs_gateway#aws-security
http://www.amazonaws.cn/security/?id=docs_gateway#aws-security
http://www.amazonaws.cn/compliance/services-in-scope/
http://www.amazonaws.cn/compliance/services-in-scope/
http://www.amazonaws.cn/compliance/shared-responsibility-model
http://www.amazonaws.cn/security/?id=docs_gateway#aws-security
http://www.amazonaws.cn/security/?id=docs_gateway#aws-security
http://www.amazonaws.cn/compliance/services-in-scope/
http://www.amazonaws.cn/compliance/services-in-scope/
https://d0.awsstatic.com/whitepapers/Security/AWS_Security_Whitepaper.pdf
Page 224: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideChecking the OpenSSL version

vulnerabilities that can compromise the security of your communication with AWS. For this reason, youshould make sure that you’re using the AWS SDK for Ruby with a version of Ruby that supports TLSversion 1.2 or later.

Ruby uses the OpenSSL library to secure HTTP connections. Supported versions of Ruby (1.9.3 andlater) installed through system package managers (yum, apt, and others), an official installer, or Rubymanagers (rbenv, RVM, and others) typically incorporate OpenSSL 1.0.1 or later, which supports TLS 1.2.

When used with a supported version of Ruby with OpenSSL 1.0.1 or later, the AWS SDK for Ruby prefersTLS 1.2, and uses the latest version of SSL or TLS supported by both the client and server. This is alwaysat least TLS 1.2 for AWS services. (The SDK uses the Ruby Net::HTTP class with use_ssl=true.)

Checking the OpenSSL versionTo make sure your installation of Ruby is using OpenSSL 1.0.1 or later, enter the following command.

ruby -r openssl -e 'puts OpenSSL::OPENSSL_VERSION'

An alternative way to get the OpenSSL version is to query the openssl executable directly. First, locatethe appropriate executable using the following command.

ruby -r rbconfig -e 'puts RbConfig::CONFIG["configure_args"]'

The output should have --with-openssl-dir=/path/to/openssl indicating the location of theOpenSSL installation. Make a note of this path. To check the version of OpenSSL, enter the followingcommands.

cd /path/to/opensslbin/openssl version

This latter method might not work with all installations of Ruby.

Upgrading TLS supportIf the version of OpenSSL used by your Ruby installation is earlier than 1.0.1, upgrade your Ruby orOpenSSL installation using your system package manager, Ruby installer, or Ruby manager, as describedin Ruby’s installation guide. If you’re installing Ruby from source, install the latest OpenSSL first, andthen pass --with-openssl-dir=/path/to/upgraded/openssl when running ./configure.

Amazon S3 Encryption Client MigrationThis topic shows how to migrate your applications from Version 1 (V1) of the Amazon Simple StorageService (Amazon S3) encryption client to Version 2 (V2), and ensure application availability throughoutthe migration process.

Migration OverviewThis migration happens in two phases:

1. Update existing clients to read new formats. First, deploy an updated version of the AWS SDK forRuby to your application. This will allow existing V1 encryption clients to decrypt objects written by thenew V2 clients. If your application uses multiple AWS SDKs, you must upgrade each SDK separately.

219

https://www.ruby-lang.org/en/documentation/installation/#package-management-systems
https://www.ruby-lang.org/en/documentation/installation/#installers
https://www.ruby-lang.org/en/documentation/installation/#managers
https://www.ruby-lang.org/en/documentation/installation/
https://www.ruby-lang.org/en/documentation/installation/#building-from-source
https://www.openssl.org/source/
Page 225: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideUpdate Existing Clients to Read New Formats

2. Migrate encryption and decryption clients to V2. Once all of your V1 encryption clients can read newformats, you can migrate your existing encryption and decryption clients to their respective V2 versions.

Update Existing Clients to Read New FormatsThe V2 encryption client uses encryption algorithms that older versions of the client don’t support.The first step in the migration is to update your V1 decryption clients to the latest SDK release. Aftercompleting this step, your application’s V1 clients will be able to decrypt objects encrypted by V2encryption clients. See details below for each major version of the AWS SDK for Ruby.

Update AWS SDK for Ruby Version 3Version 3 is the latest version of the AWS SDK For Ruby. To complete this migration, you need to useversion 1.76.0 or later of the aws-sdk-s3 gem.

Installing from the Command Line

For projects that install the aws-sdk-s3 gem, use the version option to verify that the minimum versionof 1.76.0 is installed.

gem install aws-sdk-s3 -v '>= 1.76.0'

Using Gemfiles

For projects that use a Gemfile to manage dependencies, set the minimum version of the aws-sdk-s3gem to 1.76.0. For example:

gem 'aws-sdk-s3', '>= 1.76.0'

1. Modify your Gemfile.2. Run bundle update aws-sdk-s3. To verify your version, run bundle info aws-sdk-s3.

Upgdate AWS SDK for Ruby Version 2Version 2 of the AWS SDK for Ruby will enter maintenance mode on November 21st, 2021. To completethis migration, you need to use version 2.11.562 or later of the aws-sdk gem.

Installing from the Command Line

For projects that install the aws-sdk gem, from the command line, use the version option to verify thatthe minimum version of 2.11.562 is installed.

gem install aws-sdk -v '>= 2.11.562'

Using Gemfiles

For projects that use a Gemfile to manage dependencies, set the minimum version of the aws-sdk gemto 2.11.562. For example:

gem 'aws-sdk', '>= 2.11.562'

1. Modify your Gemfile. If you have a Gemfile.lock file, delete or update it.2. Run bundle update aws-sdk. To verify your version, run bundle info aws-sdk.

220

http://amazonaws-china.com/blogs/developer/deprecation-schedule-for-aws-sdk-for-ruby-v2/
Page 226: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideMigrate Encryption and Decryption Clients to V2

Migrate Encryption and Decryption Clients to V2After updating your clients to read the new encryption formats, you can update your applications to theV2 encryption and decryption clients. The following steps show you how to successfully migrate yourcode from V1 to V2.

Before updating your code to use the V2 encryption client, ensure that you have followed the precedingsteps and are using the aws-sdk-s3 gem version 2.11.562 or later.

NoteWhen decrypting with AES-GCM, read the entire object to the end before you start using thedecrypted data. This is to verify that the object has not been modified since it was encrypted.

Configuring V2 Encryption ClientsThe EncryptionV2::Client requires additional configuration. For detailed configuration information, seethe EncryptionV2::Client documentation or the examples provided later in this topic.

1. The key wrap method and content encryption algorithm must be specified on client construction.When creating a new EncryptionV2::Client, you need to provide values for key_wrap_schema andcontent_encryption_schema.

key_wrap_schema - If you are using AWS KMS, this must be set to :kms_context. If you are using asymmetric (AES) key, it must be set to :aes_gcm. If you are using an asymmetric (RSA) key, it must be setto :rsa_oaep_sha1.

content_encryption_schema - This must be set to :aes_gcm_no_padding.

2. security_profile must be specified on client construction. When creating a newEncryptionV2::Client, you need to provide a value for security_profile. Thesecurity_profile parameter determines the support for reading objects written using the older V1Encryption::Client. There are two values: :v2 and :v2_and_legacy. To support migration, set thesecurity_profile to :v2_and_legacy. Use :v2 only for new application development.

3. AWS KMS CMK ID is enforced by default. In V1, Encryption::Client, the kms_key_id used tocreate the client was not provided to the AWS KMS Decrypt call. AWS KMS can get this informationfrom metadata and add it to the symmetric ciphertext blob. In V2, E`ncryptionV2::Client`, thekms_key_id is passed to the AWS KMS Decrypt call, and the call fails if it does not match the keyused to encrypt the object. If your code previously relied on not setting a specific kms_key_id,either set kms_key_id: :kms_allow_decrypt_with_any_cmk on client creation or setkms_allow_decrypt_with_any_cmk: true on get_object calls.

Example: Using a Symmetric (AES) KeyPre-migration

client = Aws::S3::Encryption::Client.new(encryption_key: aes_key)client.put_object(bucket: bucket, key: key, body: secret_data)resp = client.get_object(bucket: bucket, key: key)

Post-migration

client = Aws::S3::EncryptionV2::Client.new( encryption_key: rsa_key, key_wrap_schema: :rsa_oaep_sha1, # the key_wrap_schema must be rsa_oaep_sha1 for asymmetric keys content_encryption_schema: :aes_gcm_no_padding,

221

https://docs.amazonaws.cn/sdk-for-ruby/v3/api/Aws/S3/EncryptionV2/Client.html#initialize-instance_method
Page 227: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideMigrate Encryption and Decryption Clients to V2

security_profile: :v2_and_legacy # to allow reading/decrypting objects encrypted by the V1 encryption client )client.put_object(bucket: bucket, key: key, body: secret_data) # No changesresp = client.get_object(bucket: bucket, key: key) # No changes

Example: Using AWS KMS with kms_key_idPre-migration

client = Aws::S3::Encryption::Client.new(kms_key_id: kms_key_id)client.put_object(bucket: bucket, key: key, body: secret_data)resp = client.get_object(bucket: bucket, key: key)

Post-migration

client = Aws::S3::EncryptionV2::Client.new( kms_key_id: kms_key_id, key_wrap_schema: :kms_context, # the key_wrap_schema must be kms_context for KMS keys content_encryption_schema: :aes_gcm_no_padding, security_profile: :v2_and_legacy # to allow reading/decrypting objects encrypted by the V1 encryption client)client.put_object(bucket: bucket, key: key, body: secret_data) # No changesresp = client.get_object(bucket: bucket, key: key) # No change

Example: Using AWS KMS without kms_key_idPre-migration

client = Aws::S3::Encryption::Client.new(kms_key_id: kms_key_id)client.put_object(bucket: bucket, key: key, body: secret_data)resp = client.get_object(bucket: bucket, key: key)

Post-migration

client = Aws::S3::EncryptionV2::Client.new( kms_key_id: kms_key_id, key_wrap_schema: :kms_context, # the key_wrap_schema must be kms_context for KMS keys content_encryption_schema: :aes_gcm_no_padding, security_profile: :v2_and_legacy # to allow reading/decrypting objects encrypted by the V1 encryption client)client.put_object(bucket: bucket, key: key, body: secret_data) # No changesresp = client.get_object(bucket: bucket, key: key, kms_allow_decrypt_with_any_cmk: true) # To allow decrypting with any cmk

Post-Migration Alternative

If you only read and decrypt (never write and encrypt) objects using the S2 encryption client, use thiscode.

client = Aws::S3::EncryptionV2::Client.new( kms_key_id: :kms_allow_decrypt_with_any_cmk, # set kms_key_id to allow all get_object requests to use any cmk key_wrap_schema: :kms_context, # the key_wrap_schema must be kms_context for KMS keys content_encryption_schema: :aes_gcm_no_padding,

222

Page 228: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer GuideMigrate Encryption and Decryption Clients to V2

security_profile: :v2_and_legacy # to allow reading/decrypting objects encrypted by the V1 encryption client)resp = client.get_object(bucket: bucket, key: key) # No change

223

Page 229: AWS SDK for Ruby · The AWS SDK for Ruby Developer Guide provides information about how to install, set up, and use the AWS SDK for Ruby to create Ruby applications that use AWS services.

AWS SDK for Ruby Developer Guide

Document HistoryTo view the list of changes to the AWS SDK for Ruby and its documentation, see the Change logs undereach gem in the aws/aws-sdk-ruby repository in GitHub.

224

https://github.com/aws/aws-sdk-ruby/blob/master/gems
https://github.com/aws/aws-sdk-ruby/blob/master/gems

AWS SDK para

AWS SDK para

AWS SDK for Java - Cloud Storage — AWS · PDF fileAWS SDK for Java Developer Guide The AWS SDK for Java provides a Java API for AWS infrastructure services. Using the SDK, you

AWS SDK for Java - Cloud Storage — AWS · PDF fileAWS SDK for Java Developer Guide The AWS SDK for Java provides a Java API for AWS infrastructure services. Using the SDK, you

AWS SDK for PHP - Cloud Storage — AWS · PDF fileContents AWS SDK for PHP 1 Signing Up for AWS 1 Creating an AWS account 1 To sign up for AWS 1 To view your AWS credentials 1 Getting

AWS SDK for PHP - Cloud Storage — AWS · PDF fileContents AWS SDK for PHP 1 Signing Up for AWS 1 Creating an AWS account 1 To sign up for AWS 1 To view your AWS credentials 1 Getting

AWS SDK for PHP - Amazon Web Services

AWS SDK for PHP - Amazon Web Services

AWS SDK for iOS 2.0 Developer GuideTable of Contents What Is the AWS SDK for iOS? ..... 1

AWS SDK for iOS 2.0 Developer GuideTable of Contents What Is the AWS SDK for iOS? ..... 1

AWS SDK for PHP

AWS SDK for PHP

AWS Encryption SDK · How the AWS Encryption SDK Works The AWS Encryption SDK uses envelope encryption to protect your data and the corresponding data keys. For more information,

AWS Encryption SDK · How the AWS Encryption SDK Works The AWS Encryption SDK uses envelope encryption to protect your data and the corresponding data keys. For more information,

AWS Mobile SDK Unity Developer Guide

AWS Mobile SDK Unity Developer Guide

Deployment Sins - on.notist.cloud · Diet aws-java-sdk-1.8.12.jar 12.9 M aws-java-sdk-1.11.335.jar 3.4 K

Deployment Sins - on.notist.cloud · Diet aws-java-sdk-1.8.12.jar 12.9 M aws-java-sdk-1.11.335.jar 3.4 K

AWS SDK for Haskell開発

AWS SDK for Haskell開発

Mastering the AWS SDK for PHP (TLS306) | AWS re:Invent 2013

Mastering the AWS SDK for PHP (TLS306) | AWS re:Invent 2013

AWS SDK for JavaScript - Developer Guide for SDK v2.208 · PDF fileUsing the SDK with Node.js ... AWS SDK for JavaScript Developer Guide for SDK v2.208.0 Using the SDK with Node.js

AWS SDK for JavaScript - Developer Guide for SDK v2.208 · PDF fileUsing the SDK with Node.js ... AWS SDK for JavaScript Developer Guide for SDK v2.208.0 Using the SDK with Node.js

Kit SDK AWS Mobile · spécifiques au développement mobile. Pour en savoir plus sur le kit SDK AWS pour .NET, voir : • AWS SDK for .NET Getting Started Guide • Manuel du développeur

Kit SDK AWS Mobile · spécifiques au développement mobile. Pour en savoir plus sur le kit SDK AWS pour .NET, voir : • AWS SDK for .NET Getting Started Guide • Manuel du développeur

AWS SDK for - Cloud Storage — AWS - s3.cn-north-1 ... · PDF fileAWS SDK for .NET Developer Guide The AWS SDK for .NET is a single downloadable package that includes Visual Studio

AWS SDK for - Cloud Storage — AWS - s3.cn-north-1 ... · PDF fileAWS SDK for .NET Developer Guide The AWS SDK for .NET is a single downloadable package that includes Visual Studio

AWS SDK for Smalltalk

AWS SDK for Smalltalk

AWS SDK for Ruby - s3.cn-north-1.amazonaws.com.cn · AWS SDK for Ruby Developer Guide The AWS SDK for Ruby provides a Ruby API for AWS infrastructure services. Using the SDK, you

AWS SDK for Ruby - s3.cn-north-1.amazonaws.com.cn · AWS SDK for Ruby Developer Guide The AWS SDK for Ruby provides a Ruby API for AWS infrastructure services. Using the SDK, you

Z_aws Sdk Ruby Developer Guide for v1 Legacy SDK

Z_aws Sdk Ruby Developer Guide for v1 Legacy SDK

(DEV303) Touring Version 2 of the AWS SDK for Ruby | AWS re:Invent 2014

(DEV303) Touring Version 2 of the AWS SDK for Ruby | AWS re:Invent 2014

AWS Database Migration Service - docs.aws. Database Migration Service API Reference Table of Contents ... • AWS SDK for Ruby V2 API Version 2016-01-01 5. AWS Database Migration Service

AWS Database Migration Service - docs.aws. Database Migration Service API Reference Table of Contents ... • AWS SDK for Ruby V2 API Version 2016-01-01 5. AWS Database Migration Service

AWS SDK parar Ruby...AWS SDK parar Ruby Developer Guide Amazon's trademarks and trade dress may not be used in connection with any product or service that is not Amazon's, in any manner

AWS SDK parar Ruby...AWS SDK parar Ruby Developer Guide Amazon's trademarks and trade dress may not be used in connection with any product or service that is not Amazon's, in any manner