I am trying to send an invalidation batch to my cloudfront dist. Here is how I'm doing it:
import requests
import datetime
from tinys3.auth import S3Auth
date = datetime.datetime.utcnow().strftime('%a, %d %b %Y %H:%M:%S GMT')
host = 'cloudfront.amazonaws.com'
path = '/2014-10-21/distribution/%s/invalidation' % DIST_ID
auth = S3Auth(s3key, s3secret)
# I'm assuming the authorization for s3 takes the same form as the auth for cloudfront.
file_path = 'path/to/file'
data = ['<?xml version="1.0" encoding="UTF-8"?>']
data.append('<InvalidationBatch xmlns="http://cloudfront.amazonaws.com/doc/2014-10-21/">')
data.append('<Paths><Quantity>1</Quantity><Items><Path>/%s</Path></Items></Paths>' % file_path)
data.append('<CallerReference>%s</CallerReference>' % date)
data.append('</InvalidationBatch>')
data = ''.join(data)
try:
url = 'https://%s%s' % (host, path)
r = requests.post(url, data=data, headers=headers, auth=auth)
r.raise_for_status()
print 'Success?'
except:
raise
As you can see I'm using the authorization protocol from tinys3.py and the cloudfront api. You can find their docs here and here:
https://github.com/smore-inc/tinys3
http://docs.aws.amazon.com/AmazonCloudFront/latest/APIReference/CreateInvalidation.html
When I make the POST request, I get a 403. But I am positive my distribution id is valid (I can use it through the cloudfront GUI). What am I doing wrong?
