-
Notifications
You must be signed in to change notification settings - Fork 300
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Investigating usage with authentication (Cognito) and Cloudfront #101
Comments
I am trying to achieve the same.
Facing few issues and looking for possible solution. After authenticating with cloudfront URL not able to load the web page due to below issue.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi,
So I've been looking at trying to use this with a private bucket behind cloudfront, and where a user needs to login to access the content in the bucket.
Current workflow:
Followed this blog post: https://aws.amazon.com/blogs/networking-and-content-delivery/authorizationedge-using-cookies-protect-your-amazon-cloudfront-content-from-being-downloaded-by-unauthenticated-users/ which includes a cloudformation template which I ran. I removed all the
HTTPHeaders
in the template at setup for now while testing. This setup the default Cognito pool for authentication, and included an S3 bucket with a react app.I replaced everything in the created bucket, with the
index.html
andlist.js
from this repository and updated theindex.html
with something along the lines of:Error: [object Object]
, because it cannot access the bucket (console error being:https://s3.us-east-1.amazonaws.com/<bucket_name>?delimiter=/ 403 (Forbidden)
).I've also tried different variations within the
index.html
file, eg:index.html
to only includevar BUCKET_URL = 'https://<cloudfront_url>.cloudfront.net';
which seemed promising at first post login, however it doesn't manage to list any of the files in the private S3 bucket, eg:There also isn't an error generated in the console. Something interesting in this scenario however, is that if I navigate to a known file (eg a
hello-world.txt
file in the web browser, so:https://<cloudfront_url>.cloudfront.net/hello-world.txt
), I am able to see the file contents just fine in the web browser.I'm unsure how to proceed here, as it seems the issue is although the user can access the
index.html
post authentication, thelist.js
uses the bucket link to access the bucket, which is inaccessible.Any advice looking to proceed would be greatly appreciated!
Thanks :)
Related issues:
The text was updated successfully, but these errors were encountered: