Multi-cloud services in ColdFusion

Overview

Mlti-cloud services consist of different cloud vendors, for example, AWS, AZURE, and services provided by cloud vendors, for example, S3 by AWS, SQS by AWS, BLOB by AZURE, or Service Bus by AZURE.

Credential Alias

A Credential Alias will store authentication and authorization entities for each cloud vendor. There are three ways to define credential alias:

  • Admin Portal
  • Application.cfc
  • Inline

A Credential Alias can be used with many cloud services (by the same vendor), that will allow the user to change between vendor accounts with changing code.

Service Config

A Service config will contain all configuration details that may be required while initializing service client. Against every service config, there will be a service config alias. There are three ways to define the service config:

  • Admin Portal
  • Application.cfc
  • Inline

A Service config can be used with their respective cloud credentials alias, that will externalize the configuration for various cloud services. Externalization enables CF developers to switch between the same service from different accounts without code change.

The following table lists the cloud services that are supported in ColdFusion:

Cloud Vendor

Service

Multi-cloud service by ColdFusion

AWS

S3

S3

AWS

SQS

SQS

AWS

SNS

SNS

AWS

DynamoDB

DYNAMODB

AZURE

BLOB

AZURE_BLOB

AZURE

Service Bus

SERVICE_BUS

Access cloud service

In ColdFusion (2021 release), there is a new method getCloudService that gives you a handle for a particular cloud service. The cloud services that are supported are:

  • Amazon SQS
  • Amazon SNS
  • Amazon DynamoDB
  • Amazon S3 storage
  • Azure Blob storage
  • Azure Service Bus

service=getCloudService(cloudCred,cloudConfig), where:

  • cloudCred: Defines the credentials for the cloud service. It could either be a struct or a string (also known as credential alias).
  • cloudConfig: Defines the cloud service configuration details. It could either be a struct or a string (also known as config alias).

The getCloudService method has four variants:

  • getCloudService(String cloudCredAlias, String cloudConfAlias)
  • getCloudService(String cloudCredAlias, Struct cloudConfig)
  • getCloudService(Struct cloudCred, String cloudConfAlias)
  • getCloudService(Struct cloudCred, Struct cloudConfig)

Define configuration alias

A config alias is a named representation of a cloud service and its configuration details. You can set the config alias through ColdFusion Administrator.

To set the alias, follow the steps below:

  1. Launch ColdFusion Administrator.
  2. Click Data & Services > Cloud Configuration.
  3. Enter Config Alias and select Cloud Vendor and Service Name (this combination is a cloud service).
  4. Click Add.
  5. Enter the config details or enter the default options.
  6. Click Submit.

Define credential alias

To add Cloud credentials, click Data & Services > Cloud Credentials.

  1. Launch ColdFusion Administrator.
  2. Click Data & Services > Cloud Credentials.
  3. Enter the following:
    1. AWS
      1. Enter the region where your AWS account is configured in.
      2. Enter the secret and the access keys. For more information, see AWS keys.
    2. AZURE
      1. Enter the connection string. A connection string includes the authorization information required for your application to access data in an Azure Storage account. For more information, see Azure connection string.
  4. Click Add.

Using Credential Alias and Config Alias

cloudService = getCloudService("credAlias", "configAlias")

Using Credential Alias and Struct for service config

cloudConfig = { 
    "serviceName" : "AZURE_BLOB" 
} 
cloudService = getCloudService("credAlias", cloudConfig)
Note:

You can specify options{}, context{} structs inside a configuration struct.

Using Config Alias and Struct for service credentials

azureBlobCredential = { 
    "serviceName" : "AZURE_BLOB" 
} 
blobStorageService = getCloudService(azureBlobCredential, "blobConfigAlias")

Using Structs for both cloud credential and service config

azureBlobCredential = { 
    "connectionString" : "AZURE_BLOB" 
} 
blobConfig = { 
    "serviceName" : "AZURE_BLOB" 
} 
blobStorageService = getCloudService(azureBlobCredential, blobConfig)

Multi-cloud as storage service

In ColdFusion (2021 release), you can access cloud storage provided by AWS S3 and Azure Blob. Using the getCloudService method, you can get handle for these services.

In addition to individual interfaces and terminology for AWS S3 and Azure Blob, ColdFusion provides a common interface and common terminology using which user can access both AWS S3 and Azure Blob.

Amazon S3

Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface. Amazon S3 can be employed to store any type of object which allows for uses like storage for Internet applications, backup and recovery, disaster recovery, data archives, data lakes for analytics, and hybrid cloud storage.

Azure Blob

Azure Blob is a cloud-based storage service that can be used to store and retrieve Binary Large Objects (BLOBs), or what are more commonly known as files.

Terminology

Amazon S3

Term

Description

Bucket

An S3 bucket is a public cloud storage resource available in Amazon Web Services (AWS) Simple Storage Service (S3), an object storage offering. Amazon S3 buckets, which are like file folders, store objects, which consist of data and its descriptive metadata.

ACL

Amazon S3 access control lists (ACLs) enable you to manage access to buckets and objects. Each bucket and object have an ACL attached to it as a sub-resource. It defines which AWS accounts or groups are granted access and the type of access. When a request is received against a resource, Amazon S3 checks the corresponding ACL to verify that the requester has the necessary access permissions.

Object

In S3, objects are entities that you store in one or more buckets. For more information, see Objects in S3.

Key

The name that you assign to an object. You use the key to retrieve the object. For more information, see Object keys.

Policy

Bucket policies specify the access permissions for the bucket that the policy is attached to. For more information, see Bucket policy.

Version

Use versioning to keep multiple versions of an object in one bucket. You can also use versioning to archive objects, so you have access to previous versions. In S3, versioning is always OFF by default. For more information, see Object versioning.

Lifecycle

Lifecycle rules define actions that Amazon S3 applies to a group of objects. For objects in a bucket, you typically define lifecycle configuration rules. Using these rules, you can archive or delete objects, based on your requirement. For more information, see Object lifecycle rules.

Tagging

Use tags in an object to categorize object data in a meaningful way. Each tag is a key-value pair. You can also use tags to control access to an object, define lifecycle rules, and so on. For more information, see Object tagging.

Server-Side Encryption (SSE)

Server-side encryption protects data at rest. Amazon S3 encrypts each object with a unique key. For more information, see S3 SSE.

Block Public Access

S3 Block Public Access feature provides settings for access points, buckets, and accounts to help you manage public access to Amazon S3 resources. You can modify bucket policies, access point policies, or object permissions to allow public access. For more information, see S3 Block Public Access.

Requester Pay

With Requester Pays buckets, the requester instead of the bucket owner pays the cost of the request and the data download from the bucket. The bucket owner always pays the cost of storing data. For more information, see Requester Pays Bucket.

Azure Blob

Term

Description

Container

A container in an Azure Blob storage is a place where you store your objects, blobs, files, and so on.

Snapshot

A snapshot is a read-only version of a blob that's taken at a single point in time. After a snapshot has been created, it can be read, copied, or deleted, but not modified. Snapshots provide a way to back up a blob as it appears at a moment in time.

Policy

Use policies to enforce additional level of control over blobs, containers, and so on. You can use a stored access policy to change the start time, expiry time, or permissions for a signature, or to revoke it after it has been issued.

Shared Access Signature (SAS)

A Shared Access Signature (SAS) provides secure access to resources in your storage account without compromising the security of your data. With a SAS, you have granular control over how a client can access your data. For more information, see Azure Blob SAS.

Lease

Leasing a blob allows you to take ownership of that blob for a specified time. During that time, the Blob can still be read, but it cannot be modified or deleted until the lease expires, or it is released. A blob can only have one active lease applied to it at a time. Once a lease has expired or been released, another user or process could then acquire a lease on that blob.

Blob

In Azure, a blob is any object, file, etc. that you upload and store in a container.

Blob name

Every blob inside a container is given a name and must meet certain naming conventions. For more information, see Azure blobs and metadata.

ColdFusion common cloud terminology

The following terminologies are equivalent to each other across these three cloud services.

AWS S3

Azure Blob

Common cloud in ColdFusion

Bucket

Container

Root

Key

Blob name

Key

Version

Snapshot

Version

Policy

Policy

Policy

List of common methods

S3/Azure Blob

Description

root("root name",createIfNotExist) createRoot(struct)

Creates a container in Blob and bucket in S3.

ListAll

ListAll(struct)

Lists all containers/buckets.

delete(String rootName)

delete(String blobName)

rootObj.delete(String key)

Deletes an object or container/bucket.

uploadFile(String srcFile, String key)

uploadFile(Struct uploadRequest)

Uploads a file into a container/bucket.

downloadToFile(String destinationFile, String key) downloadToFile(Struct downloadRequest)

Downloads an object from a container/blob to a file.

copy(Struct copyRequest)

Copies an object between containers/blobs.

uploadObject(Struct uploadRequest)

downloadObject(Struct downloadRequest)

Uploads and downloads an object.

parallelUploadFile(struct uploadRequest)

parallelDownloadFile(struct downloadRequest)

Download and upload objects in parallel to containers/blobs.

uploadDirectory(Struct uploadDirectoryRequest)

Uploads a folder in the container/blob.

List of methods across services

AWS S3

Azure Blob

Common cloud in ColdFusion

createBucket

createContainer

createRoot

listAll(struct)

listAll(Struct listRequest)

listAll(struct)

delete(String bucketName)

delete(Struct)

struct = {

    "bucket" : "bucketName",

    "forcedDelete" : true|false

}

delete(String blobName)

delete(Struct)

struct={

     "blobName" : "blobName",

     "deleteSnapshotsOption" : "DELETE_SNAPSHOTS_ONLY" | "INCLUDE_SNAPSHOTS" | "NONE"

}

delete(String bucketName)

delete(String blobName)

uploadFile(String srcFile, String key)

uploadFile(Struct uploadRequest)

uploadRequest={

    "srcFile" : "file",

            "key" : "Keyname",

            "acl" : PRIVATE | PUBLIC_READ | PUBLIC_READ_WRITE | AUTHENTICATED_READ | AWS_EXEC_READ |BUCKET_OWNER_READ | BUCKET_OWNER_FULL_CONTROL("bucket-owner-full-control"),

            "cacheControl" : "",

            "contentDecomposition" : "",

            "contentEncoding" : "",

            "contentLanguage" : "",

            "contentLength" : "",

            "validateContentMD5" : "",

            "contentType" : "",

            "expires" : "",

            "grantFullControl" : "", //comma separated values

            "grantRead" : "",

            "grantReadACP" : "",

            "grantWriteACP" : "",

            "metadata" : "",

            "serverSideEncryption" : "",

            "storageClass" : STANDARD | REDUCED_REDUNDANCY | STANDARD_IA | ONEZONE_IA | INTELLIGENT_TIERING | GLACIER | DEEP_ARCHIVE,

            "websiteRedirectLocation" : "",

            "sseCustomerAlgorithm" : "",

            "sseCustomerKey" : "",

             "ssekmsKeyId" : "",

            "ssekmsEncryptionContext" : "",

            "requestPayer" : "",

            "tagging" : [],

            "objectLockMode" : GOVERNANCE | COMPLIANCE,

            "objectLockRetainUntilDate" : "",

            "objectLockLegalHoldStatus" : "ON" | "OFF"

 

}

uploadFile(String srcFile, String blobName)

uploadFile(Struct uploadRequest)

uploadRequest={

    "blobName" : "blob Name",
    "srcFile" : "filePath",
    "accessCondition" : {},
    "context" : {},
    "options" : {}

}

uploadFile(Struct uploadRequest)

 

downloadToFile(String destinationFile, String key)

downloadToFile(Struct downloadRequest)

downloadRequest={

           "destinationFile" : "file",

            "key" : "Keyname",

            "acl" : PRIVATE | PUBLIC_READ | PUBLIC_READ_WRITE | AUTHENTICATED_READ | AWS_EXEC_READ |BUCKET_OWNER_READ | BUCKET_OWNER_FULL_CONTROL("bucket-owner-full-control"),

            "cacheControl" : "",

            "contentDecomposition" : "",

            "contentEncoding" : "",

            "contentLanguage" : "",

            "contentType" : "",

            "expires" : "",

            "versionId" : "",

            "sseCustomerAlgorithm" : "",

            "sseCustomerKey" : "",

            "requestPayer" : ""

}

downloadToFile(String destinationFile, String key)

downloadToFile(Struct downloadRequest)

downloadRequest={

"destinationFile" : "filePath",

   "key" : "keyName"

}

downloadToFile(String destinationFile, String key)

downloadToFile(Struct downloadRequest)

 

copy(Struct copyRequest)

structRequest={

   "sourceBucket": "srcBucket",

   "sourceKey" : "srcKey".

   "sourceVersionId" : "srcVersionId",

   "key" : "destKey",

   "storageClass" : ""

}

copy(Struct copyRequest)

copyRequest={

    "sourceBlob" : "source blob",
"sourceVersion" : versionId,
"sourceAccessCondition" : {},
"storageClass" : HOT | COOL | ARCHIVE,
"destinationBlob" : "destination blob"

}

copy(Struct copyRequest)

enableVersioning(Struct versioningStruct)

versioningStruct = {

        "mfa" : "",

        "mfaDelete" : ""

    }

 

createSnapshot(Struct shapshotStruct)

snapshotRequest = {

    "blobName" : "blob name"

}

 

createVersion

uploadDirectory(Struct uploadStruct)

uploadStruct={

   "prefix" : "",

        "sourceDirectory" : "",

        "uploadNestedDirectory" : true|false

}

uploadDirectory(Struct uploadDirectoryRequest)

uploadDirectoryRequest={

   "prefix" : "prefix",

   "sourceDirectory" : "dir",

   "uploadNestedDirectory" : true|false

}

uploadDirectory(Struct uploadDirectoryRequest)

parallelUpload(Struct parallelUploadRequest)

parallelUploadFile(Struct parallelUploadRequest)

parallelUploadfile(Struct parallelUploadStruct)

parallelUploadStruct={   "key" : "keyName",

"srcFile" : "filePath",
"accessCondition" :{},

"context" :{},

"options" :{}

}

Get help faster and easier

New user?