Cloudfront redirect when signed cookies not present
Question
I have a single s3 bucket with two folders, login and portal. In cloudfront, portal/index.html is set as the default root object and the default behavior has self set as trusted signer. There is a second behavior defined with the pattern login/* with no trusted signer set.
Assuming that alternate domain name is set to mydomain.com what I want to happen is for cloudfront to redirect any request going to mydomain.com that does not contain signed cookies to mydomain.com/login. Can cloudfront do that?
1 answers
solution1
2 ACCPTED 2020-08-27 16:47:44
Yes it can. You can use Lambda@Edge functions to look at the cookies on any incoming request and change your path based on that.
Take a look at this example for AB testing. It looks at the cookie and changes the target path based on that: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-examples.html#lambda-examples-ab-testing
And this blog post from AWS on the subject (going for cognito on their case, but you can change that to do what you want): https://aws.amazon.com/blogs/networking-and-content-delivery/authorizationedge-using-cookies-protect-your-amazon-cloudfront-content-from-being-downloaded-by-unauthenticated-users/
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.