AWS SDK for C++  0.14.7
AWS SDK for C++
Upgrading Notes

For 0.12+ all applications must call the Aws::InitAPI() function before making any other SDK calls, and the Aws::ShutdownAPI function when finished using the SDK. More information can be found here:


The AWS SDK for C++ provides a modern C++ (version C++ 11 or later) interface for Amazon Web Services (AWS). It is meant to be performant and fully functioning with low- and high-level SDKs, while minimizing dependencies and providing platform portability (Windows, OSX, Linux, and mobile).

AWS SDK for C++ is in developer preview while we gather one last round of feedback from users and the open source community reviews the APIs. We invite our customers to follow along with our progress and join the development efforts by submitting pull requests and sending us feedback and ideas via GitHub Issues.

Introducing the AWS SDK for C++ from AWS re:invent 2015

The following video explains many of the core features and also high-level SDKs

Building the SDK:

Use the information below to build the entire source tree for your platform, run unit tests, and build integration tests.

Minimum Requirements:

Creating an Out-of-Source Build (Recommended):

To create an out-of-source build:

  1. Install CMake and the relevant build tools for your platform. Ensure these are available in your executable path.
  2. Create your build directory. Replace BUILD_DIR with your build directory name:
2 cmake <path-to-root-of-this-source-code>

You can use the following variations to create your build directory:

To create a release build, do one of the following:

You may also find the following link helpful for including the build in your project:

Building for Android

To build for Android, add -DTARGET_ARCH=ANDROID to your cmake command line. We've included a cmake toolchain file that should cover what's needed, assuming you have the appropriate environment variables (ANDROID_NDK) set.

Android on Windows

Building for Android on Windows requires some additional setup. In particular, you will need to run cmake from a Visual Studio developer command prompt (2013 or higher). Additionally, you will need 'git' and 'patch' in your path. If you have git installed on a Windows system, then patch is likely found in a sibling directory (.../Git/usr/bin/). Once you've verified these requirements, your cmake command line will change slightly to use nmake:

1 cmake -G "NMake Makefiles" `-DTARGET_ARCH=ANDROID` <other options> ..

Nmake builds targets in a serial fashion. To make things quicker, we recommend installing JOM as an alternative to nmake and then changing the cmake invocation to:

1 cmake -G "NMake Makefiles JOM" `-DTARGET_ARCH=ANDROID` <other options> ..

General CMake Variables


Allows you to only build the clients you want to use. This will resolve low level client dependencies if you set this to a high-level sdk such as aws-cpp-sdk-transfer. This will also build integration and unit tests related to the projects you select if they exist. aws-cpp-sdk-core always builds regardless of the value of this argument. This is a list argument. Example:

1 -DBUILD_ONLY="s3;dynamodb;cognito-identity"

Allows you to build any arbitrary clients based on the api definition. Simply place your definition in the code-generation/api-definitions folder. Then pass this arg to cmake. The cmake configure step will generate your client and include it as a subdirectory in your build. This is particularly useful if you want to generate a C++ client for using one of your API Gateway services. To use this feature you need to have python 2.7, java, jdk1.8, and maven installed and in your executable path. Example: -DADD_CUSTOM_CLIENTS="serviceName=myCustomService; version=2015-12-21;serviceName=someOtherService; version=2015-08-15"


This argument will wipe out all generated code and generate the client directories from the code-generation/api-definitions folder. To use this argument, you need to have python 2.7, java, jdk1.8, and maven installed in your executable path. Example: -DREGENERATE_CLIENTS=1


To use a custom memory manager, set the value to 1. You can install a custom allocator, and all STL types will use the custom allocation interface. If the value is set to 0, you still might want to use the STL template types to help with DLL safety on Windows.

If static linking is enabled, custom memory management defaults to off. If dynamic linking is enabled, custom memory management defaults to on and avoids cross-DLL allocation and deallocation.

Note: To prevent linker mismatch errors, you must use the same value (0 or 1) throughout your build system.


To cross compile or build for a mobile platform, you must specify the target platform. By default the build detects the host operating system and builds for that operating system. Options: WINDOWS | LINUX | APPLE | ANDROID


Use this variable to generate build artifacts, such as Visual Studio solutions and Xcode projects.

Windows example: -G "Visual Studio 12 Win64"

For more information, see the CMake documentation for your platform.

General CMake Options

CMake options are variables that can either be ON or OFF, with a controllable default. You can set an option either with CMake Gui tools or the command line via -D.


(Defaults to OFF) If enabled, most SDK libraries will be built as a single, generated .cpp file. This can significantly reduce static library size as well as speed up compilation time.


(Defaults to OFF) A superset of ENABLE_UNITY_BUILD, if enabled this option turns on ENABLE_UNITY_BUILD as well as some additional binary size reduction settings. This is a work-in-progress and may change in the future (symbol stripping in particular).


(Defaults to ON) A built-in CMake option, reexposed here for visibility. If enabled, shared libraries will be built, otherwise static libraries will be built.


(Defaults to ON) If enabled, the SDK will link to the C runtime dynamically, otherwise it will use the BUILD_SHARED_LIBS setting (weird but necessary for backwards compatibility with older versions of the SDK)


(Defaults to ON) If enabled, the install process will not insert platform-specific intermediate directories underneath bin/ and lib/. Turn OFF if you need to make multi-platform releases under a single install directory.


(Defaults to OFF) If enabled, prevents the default platform-specific http client from being built into the library. Turn this ON if you wish to inject your own http client implementation.


(Defaults to OFF) If enabled, prevents the default platform-specific cryptography implementation from being built into the library. Turn this ON if you wish to inject your own cryptography implementation.


(Defaults to ON) Controls whether or not the SDK is built with RTTI information


(Defaults to 11) Allows you to specify a custom c++ standard for use with C++ 14 and 17 code-bases


(Defaults to ON) Controls whether or not the unit and integration test projects are built

Android CMake Variables/Options


An override path for where the build system should find the Android NDK. By default, the build system will check environment variables (ANDROID_NDK) if this CMake variable is not set.


(Defaults to OFF) By default, Android builds will use a standalone clang-based toolchain constructed via NDK scripts. If you wish to use your own toolchain, turn this option ON.


(Defaults to libc++_shared) Controls what flavor of the C++ standard library the SDK will use. Valid values are one of {libc++_shared, libc++_static, gnustl_shared, gnustl_static}. There are severe performance problems within the SDK if gnustl is used, so we recommend libc++.


(Defaults to armeabi-v7a) Controls what abi to output code for. Not all valid Android ABI values are currently supported, but we intend to provide full coverage in the future. We welcome patches to our Openssl build wrapper that speed this process up. Valid values are one of {arm64, armeabi-v7a, x86_64, x86, mips64, mips}.


(Defaults to standalone-clang) Controls which compiler is used to build the SDK. With GCC being deprecated by Android NDK, we recommend using the default (clang).


(Default varies by STL choice) Controls what API level the SDK will be built against. If you use gnustl, you have complete freedom with the choice of API level. If you use libc++, you must use an API level of at least 21.

Running integration tests:

Several directories are appended with *integration-tests. After building your project, you can run these executables to ensure everything works properly.


To compile in Linux, you must have the header files for libcurl, libopenssl, and libuuid. The packages are typically available in your package manager.

Debian example: sudo apt-get install libcurl-dev uuid-dev

Using the SDK

After they are constructed, individual service clients are very similar to other SDKs, such as Java and .NET. This section explains how core works, how to use each feature, and how to construct an individual client.

The aws-cpp-sdk-core is the heart of the system and does the heavy lifting. You can write a client to connect to any AWS service using just the core, and the individual service clients are available to help make the process a little easier.

Build Defines

If you dynamically link to the SDK you will need to define the USE_IMPORT_EXPORT symbol for all build targets using the SDK. If you wish to install your own memory manager to handle allocations made by the SDK, you will need to pass the CUSTOM_MEMORY_MANAGEMENT cmake parameter (-DCUSTOM_MEMORY_MANAGEMENT) as well as define AWS_CUSTOM_MEMORY_MANAGEMENT in all build targets dependent on the SDK.

Note, if you use our export file, this will be handled automatically for you. We recommend you use our export file to handle this for you:

Initialization and Shutdown

We avoid global and static state where ever possible. However, on some platforms, dependencies need to be globally initialized. Also, we have a few global options such as logging, memory management, http factories, and crypto factories. As a result, before using the SDK you MUST call our global initialization function. When you are finished using the SDK you should call our cleanup function.

All code using the AWS SDK and C++ should have at least the following:

1 #include <aws/core/Aws.h>
2 ...
4  Aws::SDKOptions options;
5  Aws::InitAPI(options);
7  //use the sdk
9  Aws::ShutdownAPI(options);

Due to the way memory managers work, many of the configuration options take closures instead of pointers directly in order to ensure that the memory manager is installed prior to any memory allocations occuring.

Here are a few recipes:

Just use defaults:

1 Aws::SDKOptions options;
2 Aws::InitAPI(options);
3 .....
4 Aws::ShutdownAPI(options);

Turn logging on using the default logger:

1 Aws::SDKOptions options;
2 options.loggingOptions.logLevel = Aws::Utils::Logging::LogLevel::Info;
3 Aws::InitAPI(options);
4 .....
5 Aws::ShutdownAPI(options);

Install custom memory manager:

1 MyMemoryManager memoryManager;
3 Aws::SDKOptions options;
4 options.memoryManagementOptions.memoryManager = &memoryManager;
5 Aws::InitAPI(options);
6 .....
7 Aws::ShutdownAPI(options);

Override default http client factory:

1 Aws::SDKOptions options;
2 options.httpOptions.httpClientFactory_create_fn = [](){ return Aws::MakeShared<MyCustomHttpClientFactory>("ALLOC_TAG", arg1); };
3 Aws::InitAPI(options);
4 .....
5 Aws::ShutdownAPI(options);

Memory Management

The AWS SDK for C++ provides a way to control memory allocation and deallocation in a library.

Custom memory management is available only if you use a version of the library built using the compile-time constant AWS_CUSTOM_MEMORY_MANAGEMENT defined.

If you use a version of the library built without the compile-time constant, the global memory system functions such as InitializeAWSMemorySystem will not work and the global new and delete functions will be used instead.

For more information about the compile-time constant, see the STL and AWS Strings and Vectors section in this Readme.

To allocate or deallocate memory:

  1. Implement the MemorySystemInterface subclass: aws/core/utils/memory/MemorySystemInterface.h

In the following example, the type signature for AllocateMemory can be changed as needed:

1 class MyMemoryManager : public Aws::Utils::Memory::MemorySystemInterface
2 {
3  public:
5  // ...
7  virtual void* AllocateMemory(std::size_t blockSize, std::size_t alignment, const char *allocationTag = nullptr) override;
8  virtual void FreeMemory(void* memoryPtr) override;
10 };

In Main:

1 int main(void)
2 {
3  MyMemoryManager sdkMemoryManager;
4  SDKOptions options;
5  options.memoryManagementOptions.memoryManager = &sdkMemoryManager;
6  Aws::InitAPI(options);
8  // ... do stuff
10  Aws::ShutdownAPI(options);
12  return 0;
13 }

STL and AWS Strings and Vectors

When initialized with a memory manager, the AWS SDK for C++ defers all allocation and deallocation to the memory manager. If a memory manager does not exist, the SDK uses global new and delete.

If you use custom STL allocators, you must alter the type signatures for all STL objects to match the allocation policy. Because STL is used prominently in the SDK implementation and interface, a single approach in the SDK would inhibit direct passing of default STL objects into the SDK or control of STL allocation. Alternately, a hybrid approach – using custom allocators internally and allowing standard and custom STL objects on the interface – could potentially cause more difficulty when investigating memory issues.

The solution is to use the memory system’s compile-time constant AWS_CUSTOM_MEMORY_MANAGEMENT to control which STL types the SDK will use.

If the compile-time constant is enabled (on), the types resolve to STL types with a custom allocator connected to the AWS memory system.

If the compile-time constant is disabled (off), all Aws::* types resolve to the corresponding default std::* type.

Example code from the AWSAllocator.h file in the SDK:

3 template< typename T >
4 class AwsAllocator : public std::allocator< T >
5 {
6  ... definition of allocator that uses AWS memory system
7 };
9 #else
11 template< typename T > using Allocator = std::allocator<T>;
13 #endif

In the example code, the AwsAllocator can be either a custom allocator or a default allocator, depending on the compile-time constant.

Example code from the AWSVector.h file in the SDK: template< typename T > using Vector = std::vector< T, Aws::Allocator< T > >;

In the example code, we define the Aws::* types.

If the compile-time constant is enabled (on), the type maps to a vector using custom memory allocation and the AWS memory system.

If the compile-time constant is disabled (off), the type maps to a regular std::vector with default type parameters.

Type aliasing is used for all std:: types in the SDK that perform memory allocation, such as containers, string stream, and string buf. The AWS SDK for C++ uses these types.

Remaining Issues

You can control memory allocation in the SDK; however, STL types still dominate the public interface through string parameters to the model object initialize and set methods. If you choose not to use STL and use strings and containers instead, you must create a lot of temporaries whenever you want to make a service call.

To remove most of the temporaries and allocation when service calls are made using non-STL, we have implemented the following:

Native SDK Developers and Memory Controls

Follow these rules in the SDK code:


The AWS SDK for C++ includes logging support that you can configure. When initializing the logging system, you can control the filter level and the logging target (file with a name that has a configurable prefix or a stream). The log file generated by the prefix option rolls over once per hour to allow for archiving or deleting log files.

You can provide your own logger. However, it is incredibly simple to use the default logger we've already provided:

In your main function:

1 SDKOptions options;
2 options.loggingOptions.logLevel = Aws::Utils::Logging::LogLevel::Info;
3 Aws::InitAPI(options);
4 //do SDK stuff;
5 Aws::ShutdownAPI(options);

Client Configuration

You can use the client configuration to control most functionality in the AWS SDK for C++.

ClientConfiguration declaration:

1 struct AWS_CORE_API ClientConfiguration
2 {
3  ClientConfiguration();
5  Aws::String userAgent;
6  Aws::Http::Scheme scheme;
7  Aws::Region region;
8  bool useDualStack;
9  unsigned maxConnections;
10  long requestTimeoutMs;
11  long connectTimeoutMs;
12  std::shared_ptr<RetryStrategy> retryStrategy;
13  Aws::String endpointOverride;
14  Aws::String proxyHost;
15  unsigned proxyPort;
16  Aws::String proxyUserName;
17  Aws::String proxyPassword;
18  std::shared_ptr<Aws::Utils::Threading::Executor> executor;
19  bool verifySSL;
20  Aws::String caPath;
21  std::shared_ptr<Aws::Utils::RateLimits::RateLimiterInterface> writeRateLimiter;
22  std::shared_ptr<Aws::Utils::RateLimits::RateLimiterInterface> readRateLimiter;
23 };
User Agent

The user agent is built in the constructor and pulls information from your operating system. Do not alter the user agent.


The default value for scheme is HTTPS. You can set this value to HTTP if the information you are passing is not sensitive and the service to which you want to connect supports an HTTP endpoint. AWS Auth protects you from tampering.


The region specifies where you want the client to communicate. Examples include us-east-1 or us-west-1. You must ensure the service you want to use has an endpoint in the region you configure.


Sets the endpoint calculation to go to a dual stack (ipv6 enabled) endpoint. It is your responsibility to check that the service actually supports ipv6 in the region you specify.

Max Connections

The default value for the maximum number of allowed connections to a single server for your HTTP communications is 25. You can set this value as high as you can support the bandwidth. We recommend a value around 25.

Request Timeout and Connection Timeout

This value determines the length of time, in milliseconds, to wait before timing out a request. You can increase this value if you need to transfer large files, such as in Amazon S3 or CloudFront.

Retry Strategy

The retry strategy defaults to exponential backoff. You can override this default by implementing a subclass of RetryStrategy and passing an instance.

Endpoint Override

Do not alter the endpoint.

Proxy Host, Port, User Name, and Password

These settings allow you to configure a proxy for all communication with AWS. Examples of when this functionality might be useful include debugging in conjunction with the Burp suite, or using a proxy to connect to the internet.


The default behavior for the executor is to create and detach a thread for each async call. You can change this behavior by implementing a subclass of Executor and passing an instance. We now provide a thread pooled executor as an option. For more information see this blog post:

Verify SSL

If necessary, you can disable SSL certificate verification by setting the verify SSL value to false.

CA Path

You can tell the http client where to find your certificate trust store ( e.g. a directory prepared with OpenSSL c_rehash utility). This should not be necessary unless you are doing some weird symlink farm stuff for your environment. This has no effect on Windows or OSX.

Write Rate Limiter and Read Rate Limiter

The write and read rate limiters are used to throttle the bandwidth used by the transport layer. The default for these limiters is open. You can use the default implementation with your desired rates, or you can create your own instance by implementing a subclass of RateLimiterInterface.

Credentials Providers

You can use the AWSCredentialProvider interface to provide login credentials to AWS Auth. Implement this interface to provide your own method of credentials deployment. We also provide default credential providers.

Default Credential Provider Chain

The default credential provider chain does the following:

The simplest way to communicate with AWS is to ensure we can find your credentials in one of these locations.

Other Methods

We also support two other methods for providing credentials:

Using a Service Client

You can use the default constructor, or you can use the system interfaces discussed above to construct a service client.

As an example, the following code creates an Amazon DynamoDB client using a specialized client configuration, default credentials provider chain, and default HTTP client factory:

1 auto limiter = Aws::MakeShared<Aws::Utils::RateLimits::DefaultRateLimiter<>>(ALLOCATION_TAG, 200000);
3 // Create a client
4 ClientConfiguration config;
5 config.scheme = Scheme::HTTPS;
6 config.connectTimeoutMs = 30000;
7 config.requestTimeoutMs = 30000;
8 config.readRateLimiter = m_limiter;
9 config.writeRateLimiter = m_limiter;
11 auto client = Aws::MakeShared<DynamoDBClient>(ALLOCATION_TAG, config);

You can also do the following to manually pass credentials: auto client = Aws::MakeShared<DynamoDBClient>(ALLOCATION_TAG, AWSCredentials("access_key_id", "secret_key"), config);

Or you can do the following to use a custom credentials provider: auto client = Aws::MakeShared<DynamoDBClient>(ALLOCATION_TAG, Aws::MakeShared<CognitoCachingAnonymousCredentialsProvider>(ALLOCATION_TAG, "identityPoolId", "accountId"), config);

Now you can use your Amazon DynamoDB client.

Error Handling

We did not use exceptions; however, you can use exceptions in your code. Every service client returns an outcome object that includes the result and an error code.

Example of handling error conditions:

1 bool CreateTableAndWaitForItToBeActive()
2 {
3  CreateTableRequest createTableRequest;
4  AttributeDefinition hashKey;
5  hashKey.SetAttributeName(HASH_KEY_NAME);
6  hashKey.SetAttributeType(ScalarAttributeType::S);
7  createTableRequest.AddAttributeDefinitions(hashKey);
8  KeySchemaElement hashKeySchemaElement;
9  hashKeySchemaElement.WithAttributeName(HASH_KEY_NAME).WithKeyType(KeyType::HASH);
10  createTableRequest.AddKeySchema(hashKeySchemaElement);
11  ProvisionedThroughput provisionedThroughput;
12  provisionedThroughput.SetReadCapacityUnits(readCap);
13  provisionedThroughput.SetWriteCapacityUnits(writeCap);
14  createTableRequest.WithProvisionedThroughput(provisionedThroughput);
15  createTableRequest.WithTableName(tableName);
17  CreateTableOutcome createTableOutcome = dynamoDbClient->CreateTable(createTableRequest);
18  if (createTableOutcome.IsSuccess())
19  {
20  DescribeTableRequest describeTableRequest;
21  describeTableRequest.SetTableName(tableName);
22  bool shouldContinue = true;
23  DescribeTableOutcome outcome = dynamoDbClient->DescribeTable(describeTableRequest);
25  while (shouldContinue)
26  {
27  if (outcome.GetResult().GetTable().GetTableStatus() == TableStatus::ACTIVE)
28  {
29  break;
30  }
31  else
32  {
33  std::this_thread::sleep_for(std::chrono::seconds(1));
34  }
35  }
36  return true
37  }
38  else if(createTableOutcome.GetError().GetErrorType() == DynamoDBErrors::RESOURCE_IN_USE)
39  {
40  return true;
41  }
43  return false;
44 }

Advanced Topics

This section includes the following topics:

Overriding your Http Client

The default HTTP client for Windows is WinHTTP. The default HTTP client for all other platforms is Curl. If needed, you can create a custom HttpClientFactory, add it to the SDKOptions object which you pass to Aws::InitAPI().

Provided Utilities

The provided utilities include HTTP stack, string utils, hashing utils, JSON parser, and XML parser.

HTTP Stack


The HTTP client provides connection pooling, is thread safe, and can be reused for your purposes. See the Client Configuration section above.

String Utils


This header file provides core string functions, such as trim, lowercase, and numeric conversions.

Hashing Utils


This header file provides hashing functions, such as SHA256, MD5, Base64, and SHA256_HMAC.


/aws/core/utils/crypto/Cipher.h /aws/core/utils/crypto/Factories.h

This header file provides access to secure random number generators, AES symmetric ciphers in CBC, CTR, and GCM modes, and the underlying Hash implementations that are used in HashingUtils.

JSON Parser


This header file provides a fully functioning yet lightweight JSON parser (thin wrapper around JsonCpp).

XML Parser


This header file provides a lightweight XML parser (thin wrapper around tinyxml2). RAII pattern has been added to the interface.

Controlling IOStreams used by the HttpClient and the AWSClient

By default all responses use an input stream backed by a stringbuf. If needed, you can override the default behavior. For example, if you are using Amazon S3 GetObject and do not want to load the entire file into memory, you can use IOStreamFactory in AmazonWebServiceRequest to pass a lambda to create a file stream.

Example file stream request:

1 GetObjectRequest getObjectRequest;
2 getObjectRequest.SetBucket(fullBucketName);
3 getObjectRequest.SetKey(keyName);
4 getObjectRequest.SetResponseStreamFactory([](){ return Aws::New<Aws::FStream>( ALLOCATION_TAG, DOWNLOADED_FILENAME, std::ios_base::out ); });
6 auto getObjectOutcome = s3Client->GetObject(getObjectRequest);

Contributing Back

*Please Do!