amazon-web-services amazon-s3 amazon-cloudfront

Access protected S3 bucket using CloudFront

I have a S3 bucket that can be accessed only using signed urls. Until now i generated signed urls using GeneratePresignedUrlRequest (Java). Now i want to access my bucket through CloudFront. The question is how i generate a signed url in this case?

Solution

It's all in the docs.

http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-signed-urls-overview.html

You also have to properly configure the interaction between Cloudfront and S3.

http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html

If you are a programmer, you will also find it interesting and important that Cloudfront uses a different set of base64 rules than S3. Instead of percent-encoding the unsafe characters + = / in a signed url, Cloudfront expects them to be transliterated into -_~ respectively.

HTTP requests not working on aws ec2
Amazon EC2 and EBS disk space problem
How do I enable Data API?
CDK Pipelines - Migrating a database in the pipeline
Do environment variables in ECS Fargate task definitions support interpolation?
Upgrading AWS RDS aurora from serverless v1 to serverless v2 using terraform
AWS IAM user not able to see Billing and Cost Management Dashboard
Amazon S3 - How to fix 'The request signature we calculated does not match the signature' error?
Deleting last element in a DynamoDB string set
AWS CLI on Windows won't work though using double quotes and escapes
How to resolve 'Step Functions State Machine is not authorized to create managed-rule'?
Understanding SQS message receive amount
AWS Glue JDBC Connection created using Cloud Formation is not setting the password
CloudFront charges after you invalidate your distribution over 1,000 times, does the count reset each month?
AWS Cognito federated user login not allowing to sign in as different user after log out
AWS s3 V3 Javascript SDK stream file from bucket (GetObjectCommand)
Provide AWS Lex response in Hyperlink format
Fixing yaml indentation with python
Generate S3 URL in "path-style" format
Trying to find the ARN pattern for AWS WAF regional
AWS cognito: What's the difference between Access and Identity tokens?
virtually isolate the network in the same AWS Cloud Account
AWS start sandbox from tutorial
Can I stop a spot instance in aws just like I can stop and start an on demand ec2 instance
FastAPI app works locally, but /blogs endpoint causes redirect loop on AWS Lambda deployment
Get pdftotext Python module running on Lambda
Kubernetes: how to set VolumeMount user group and file permissions
Invalid arn error for terraform code with kms data resource
Unable to import module 'src.main': No module named 'dependencies' when uploading FastAPI zipped project to AWS Lambda
Unable to update AWS AppRunner VPC connector via CDK