CloudFront issue with path pattern
I have DevOps intuition about how CDN works and what are its advantages. Before asking this question, I have searched about it in similar stackoverflow questions but I feel a little confused now.
Problem Description
Imagine I have two different prefixes in the same bucket:
/<bucket-name>/maintenance/<bucket-name>/assets
The problem is that whenever I enter the following URL with the <distribution-domain-name>/maintenance/* format, it doesn't return the content and raise an Access Denied error.
What I want to achieve:
Create two different routes, on <distribution-domain-name>/maintenance/* (for maintenance contents) and another one one <distribution-domain-name>/*. If the URL starts with <distribution-domain-name>/maintenance/* whatever is replaced to * should be existed on the /<bucket-name>/maintenance instance.
What I have done
I have create two origins:
- Modify origin path (the prefix of the bucket)
- Add two different behaviors, one for maintenance and another for default queries.
How can I resolve this issue?
Introduction
Before diving into the solution, I would like to mention, as stated in the first sentence of my question, that CloudFront is not functioning as expected, which is quite peculiar. So I think it is worth to mention the solution in details.
Solution
To address the issue, please follow these steps in sequence:
Create two origins for the problem.
Set the origin path to the S3 bucket without the last prefix. (In my case, the first origin path should be
/servicesinstead of/service/maintenance)P.S: This is so weird. If you have added path pattern like
maintenance/*in the CloudFront behavior and origin of S3 equals to/services/maintenance, it is required to add new prefix (directory) in S3 bucket! For this purpose instead of adding a new prefix, I have modified the origin path to/services.[Optional] If the directory mentioned in the
path patterndoes not exist, take appropriate action.