Cloudfront Multiple origins within the same bucket
Question
I have a cloudfront distribution which I'm using with a single S3 bucket as the origin. The bucket has both private and public data in it, segregated by folders - public_folder_1, public_folder_2, private_folder_1, private_folder_2 . I want to use cloudfront to serve only the content from the 2 public folders. I want requests to xxx.cloudfront.net/public_folder_1/file1 to go to public_folder_1 and requests to xxx.cloudfront.net/public_folder_2/file1 to go to public_folder_2 .
I have created 2 origins within the distro with origin name + paths - mybucket/public_folder_1 and mybucket/public_folder_2 for the 2 folders. I have also created two behaviours with path patterns - public_folder_1/* and public_folder_2/* (I have tried adding a leading / to the path pattern, it doesn't seem to make a difference) . But I can't access files via cloudfront.
If I change the path pattern for either behaviour to * instead of public_folder_x/* then I can access files using xxx.cloudfront.net/filex . My concern with this is that if I have 2 files with the same name in both folders how would cloudfront know which folder to use as the origin? I don't want to have to create and manage a seperate distro for each origin path.
1 answers
solution1
5 2020-03-16 02:26:07
In my case, I wasn't understanding that when CloudFront finds a matching behavior, it forwards the entire URL path to S3 . If a matching directory structure isn't represented in your S3 bucket subdirectory, you'll get a 403 response. For example, if you have a behavior matching on /developer/* , and the url is {hostname}/developer/thing.html , the S3 bucket directory which represents your origin must have a root-level subdirectory named "developer" that contains thing.html .
My concern with this is that if I have 2 files with the same name in both folders how would cloudfront know which folder to use as the origin?
You'd have to find some way to distinguish the files by a matching pattern. I would suggest adding uniquely named folders to each origin, then creating behaviors to divert traffic based on the path provided:
- origin1:
mybucket/stuff - origin2:
mybucket/things - behavior1:
/stuff/*--> origin1 - behavior2:
/things/*--> origin2 -
cloudfront-url/stuff/file.html--> returnsfile.htmlin the stuff directory, aka origin1. -
cloudfront-url/things/file.html--> returnsfile.htmlin the things directory, aka origin2.
Edit:
I just created a single distro with the following two origins...
With the following behaviors...
And the following bucket structure...
And here are the results:
- https://d103l0p0xb29zj.cloudfront.net/file.html > matches default behavior, so returns
file.htmlfromS3-stackoverflow-test-bucket/public_folder_1. - https://d103l0p0xb29zj.cloudfront.net/pub1/file.html > matches first behavior, returns
file.htmlfromS3-stackoverflow-test-bucket/public_folder_1/pub1 - https://d103l0p0xb29zj.cloudfront.net/pub2/file.html > matches second behavior, returns
file.htmlfromS3-stackoverflow-test-bucket/public_folder_2/pub2 - Note that
S3-stackoverflow-test-bucket/public_folder_2/file.htmlis not accessible at all based on the current rules.
I'll leave the distro up for a few days so you can click the links.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.