5,043 questions
Advice
0
votes
1
replies
29
views
Cloudfront Cache policy headers vs Vary header
Why can we set which request headers should make up the cache key in a cloudfront distribution behaviour? If the origin responds with a Vary header, shouldn't the cache just use the headers in there ...
- 10.2k
-2
votes
0
answers
32
views
CloudFront caching Traefik Sticky Sessions in Docker Swarm causing 502 errors after deployment [closed]
We run a Meteor application that requires sticky sessions. We recently refactored our infrastructure and have started seeing connectivity issues.
Old Setup (Stable): A single EC2 instance running ...
- 4,789
0
votes
0
answers
35
views
AWS Error in Cloudfront + Appsync with 2 Authorizers OICD and new additional API_KEY, Cloudfront forcing x-api-key
I have an application that is in production working with Cloudfront + Appsync with OICD Authorizer. In the Cloudfront configuration for some reason it is adding in the custom headers if API_KEY exists ...
1
vote
1
answer
68
views
Apache returns 404 only when accessed through CloudFront (works fine via ELB directly)
Our web service is running on EC2 with Apache. We have the following setup:
Service A -> ELB -> Service B API
In this case, Apache on Service B shows in rewrite.log that the rewrite rule was ...
- 13
-1
votes
1
answer
34
views
Expected X-Cache value when serving requests for non-existent files?
I have configured CloudFront and S3 using OAI and it generally serves files as expected.
I am trying to reduce my S3 API costs and I think about 10% of it is linked to requests for non-existent files. ...
- 4,892
0
votes
0
answers
132
views
Why am I getting "Invalid initialization vector" when calling my signed URL upload API in Node.js?
I’m working on a Node.js backend that generates a signed URL for uploading files to AWS S3 via CloudFront.
However, when I hit the signed URL endpoint from curl, I always get the following response:
{&...
-1
votes
1
answer
47
views
Issue with OpenTofu tests against AWS Cloudfront Distributions [closed]
I could use an assist on my opentofu tests
Here is a small snippet of my Terraform module
resource "aws_cloudfront_distribution" "main" {
price_class = "...
- 2,321
3
votes
1
answer
224
views
CloudFront Continuous Deployment: Intermittent 500 Error (x-edge-detailed-result-type: Error) with Weight-Based Policy
I'm using Amazon CloudFront's Continuous Deployment feature to implement a canary release for a static website.
My setup is as follows:
Origin: Both the primary and staging distributions use an S3 ...
- 349
0
votes
0
answers
58
views
Handling CORs with AWS CloudFront with a Lambda Function Url Origin
I'm having an issue creating an AWS CloudFront Distribution that returns CORs headers from a Lambda Function URL Origin.
I can send test requests via cURL to the Lambda Function URL directly and see ...
- 618
0
votes
0
answers
35
views
AWS CloudFront Signed URL throws ERR_OSSL_EVP_INVALID_DIGEST in Node.js 22
I'm trying to generate signed URLs for a CloudFront distribution using the AWS SDK v3 (@aws-sdk/cloudfront-signer) in a Node.js project.
I successfully uploaded my public key to CloudFront using:
aws ...
0
votes
0
answers
50
views
How can I set CloudFront Signed Cookies for restricted S3 access without a reverse-proxy?
I’m building a system to serve private S3 assets via CloudFront Signed Cookies—so end users can browse entire folders without issuing individual presigned URLs.
What I'm trying:
I have a CloudFront ...
0
votes
0
answers
67
views
Setting the CloudFront-Viewer-Country to each viewer response
In the AWS CloudFront distribution, I can configure the origin request policy to add CloudFront-Viewer-Country header to the origin request, and I can read that header in the Lambda@Edge attached to ...
- 369
0
votes
0
answers
62
views
CloudFront throws 401 or 403 before accessing to API Gateway
This is my first time deploying a web application using AWS and I could successfully see the static pages but not dynamic pages now.
I've read that when CloudFront gets a header with authorization, it ...
- 19
0
votes
0
answers
94
views
CloudFront 502 Error - Previously Working Google Cloud Run Origin Suddenly Failing
I'm experiencing a 502 error with my CloudFront distribution that was previously working fine. This is the second time this has happened to me with a Google Cloud Run origin connected to AWS ...
0
votes
0
answers
55
views
CloudFront serving different file version based on request type
I have updated a PDF file in my Amazon S3 bucket. The bucket in question is being served by a CloudFront distribution.
I have successfully executed an invalidation and when I access the PDF file by ...
- 65
0
votes
0
answers
34
views
Caching with API Gateway, aws_proxy integration and custom domains
I'm trying to figure out how to handle caching in the most appropriate way for my APIs which are handled via Lambdas hooked up to API Gateway using aws_proxy and custom domains.
I read that a hidden ...
- 4,186
0
votes
1
answer
99
views
Uncaught (in promise) SecurityError: Failed to execute 'toBlob' on 'HTMLCanvasElement': Tainted canvases may not be exported in strapi
Strapi Version: 5.11.3
Node Version: 22.0.0
Database: Sqlite
This issue occurs when I want to save the crop image results in the strapi media library but nothing happens.
I checked and there was an ...
- 1
0
votes
3
answers
142
views
CloudFront intermittently serves wrong SSL certificate (ERR_CERT_COMMON_NAME_INVALID) for subdomain behind Route53 and custom cert
I have remoteEntry.js file in AWS S3 bucket.
I have cloudfront setup with a custom SSL cert which loads this remoteEntry.js with below url:
https://modules.uat.mysite.com/available-modules/...
- 7,908
1
vote
1
answer
82
views
Can I return just HTML using a Lambda @ Edge?
I'm trying to use Lambda at Edge, and based on the status of the request, to return some HTML. Basically the following is my Lambda code (in Python):
def handler(event, context):
clientIp = event['...
- 13
0
votes
0
answers
44
views
Problems with my WebApp deployment and ACM certificates
I'm trying to deploy my WebApp pipeline using CDK (https://docs.aws.amazon.com/cdk/v2/guide/home.html) with credentials set up in ~/.aws/credentials and ~/.aws/config.
I created a certificate in AWS ...
- 1
2
votes
0
answers
88
views
AWS CloudFront WebSocket connection fails with correct OriginRequestPolicy and Upgrade headers
I'm trying to establish a WebSocket connection through AWS CloudFront to a backend service behind an Application Load Balancer. The setup works perfectly when accessing the backend directly (via ALB ...
- 1,804
2
votes
0
answers
90
views
Astro + S3 + CloudFront: Clicking navigation link causes redirect to wrong path (/WEBSITE/pricing)
I'm deploying an Astro static site to S3 and serving it via CloudFront. Here's my deploy script:
"deploy": "npm run build && aws s3 sync dist s3://mybucket/WEBSITE --delete"...
- 55
4
votes
2
answers
86
views
How to investigate repeated cached lambda at edge requests
I have the following Cloudfront and lambda at edge setup
User makes a request to CDN (path is irrelevant, result must always be the same for given day)
Cloudfront makes request to origin (lambda is ...
- 1,277
0
votes
0
answers
144
views
KeyCloak - Reverse Proxy config AWS CloudFront
I'm really getting desperate.
I have an EC2 instance in AWS running two containers. One of them is KeyCloak (and its db). This should be accessible via a Cloudfront URL. But I am encountering problems ...
- 23
0
votes
1
answer
75
views
Hosting multiple static websites in single s3 bucket with cloudfront and lamda
My goal was to host multiple static websites in a single s3 bucket.
My s3 bucket has folders like this and these should point to the urls like this
My-bucket/feature-abc-123 => my-url/feature-abc-...
- 7,297
0
votes
1
answer
65
views
How can I ensure my AWS Lambda function uses the CloudFront domain instead of the API Gateway URL for the canonical link in my Qwik SSR application?
I have an AWS Lambda function connected to an API Gateway (Regional HTTP API) and my domain is linked to CloudFront. However, my application's canonical URL is being set to the API Gateway domain ...
- 574
0
votes
1
answer
57
views
Direct Access to Specific Page Redirecting to Home Page
I have a static Gatsby website hosted on S3 + Cloudfront. The site is working fine with custom error responses with path set to /index.html for error code 403
But when I try to manually enter a ...
- 1,332
0
votes
1
answer
54
views
Redirect based on URL to AWS CloudFront or AWS Amplify
I have two apps in AWS.
One hosted in AWS S3 and acts as an origin for an AWS CloudFront distribution.
Another one hosted in AWS Amplify.
I would like to, based on a specific path, to redirect ...
- 2,848
1
vote
1
answer
79
views
AWS Cloudfront serves manually created objects from S3 but throws 'access denied' for images uploaded from my backend
I have Cloudfront distribution and S3 bucket as origin.
Distribution is deployed and active - I can reach files from S3 like example root object or files deployed myself using AWS console with url - ...
- 105
2
votes
2
answers
392
views
CORS Issue with CloudFront + S3
I’m using Next.js (front-end) at https://toscanini.me and serving images from https://images.toscanini.me via Amazon S3 + CloudFront. Despite having set up CORS, my browser still reports a CORS error ...
-2
votes
1
answer
85
views
Can't upload public key for cloudfront signing with terraform (request contains empty/invalid/out of limits RSA Encoded Key) [closed]
I am attempting to upload a public key to cloudfront with terraform using aws_cloudfront_public_key like this:
//main.tf
...
resource "aws_cloudfront_public_key" "public_key" {
...
- 120
1
vote
1
answer
332
views
How can I use cloudfront function to rewrite origin url rather than redirect?
I am using Cloudfront function to redirect the request url as below code:
return {
statusCode: 307,
statusDescription: 'Found',
headers: { location: { value: $newUrl } },
...
- 43.3k
0
votes
0
answers
26
views
Use 4 cloudfronts with a single s3
I'm working on a migration from an application, previously running on Kubernetes to a setup with S3 and Cloudfront.
That application has 4 environments. Those environments were selected via a ...
- 737
0
votes
0
answers
60
views
AWS Cloudfront behaviour settings to allow onsubmit actions
I have a website hosted on AWS -> EC2 with Cloudfront setup. The issue when the code makes an OnSubmit post via vue it returns, Uncaught (in promise) undefined
Promise onSubmit. What behaviours ...
- 1,183
0
votes
0
answers
30
views
Adsense snippet not appearing in react app deployed in S3
I'm making a small react web app. I would like to see how to add ads on it. I went on adsense and added the snippet to my index.html to have it look like this:
<!DOCTYPE html>
<html lang=&...
- 1,017
0
votes
0
answers
28
views
Trouble Configuring AWS S3 and CloudFront with Camaleon CMS
I am trying to configure AWS S3 and CloudFront to work with Camaleon CMS and have encountered several issues.
Documentation and CORS Configuration: I initially tried to follow a tutorial given in the ...
- 409
0
votes
0
answers
89
views
Logging Frontend Events in an AWS-Hosted Angular App
I have an Angular app with an important frontend-only functionality, and I want to capture logs for it. The app is deployed on AWS using S3 and CloudFront, while the backend is nodejs app primarily ...
- 21
0
votes
0
answers
83
views
Streaming on Cloudfront with next 15 and suspense?
How do I enable streaming / ui loading for a nextjs application on cloudfront?
I have a simple next15 server-side page with a server component that should fetch data on every url query change, meaning ...
- 79
0
votes
0
answers
68
views
PCI DSS Vulnerability Scan with Website behind AWS Cloudfront
need some expert advise on how can we get PCI Vulnerability scan completed by and authorized ASV on a website's public facing IP address when it sits behind Cloudfront. CloudFront has got a huge range ...
0
votes
0
answers
32
views
CloudFront Signed URL for Oracle PL/SQL
I'm writing a PL/SQL function which converts available CloudFront URL, Private Key & Key Pair to prepare a signed URL with some expiry time. I tried various approaches like DBMS_CRYPTO.MAC() & ...
- 1,784
0
votes
0
answers
133
views
Any way (or workaround) to have cloudfront functions apply to custom error pages?
I have a cloudfront distribution that backs into and S3 bucket. There are custom error pages that direct 403/404 errors to "/notfound.html". The S3 bucket contains a directory per ...
- 33
0
votes
2
answers
142
views
AWS: Hosting GoLang Lambda functions on Cloudfront
I have a Lambda function in GoLang, I want to have CDN on it for region based quick access (I think Cloudfront can help me do that on AWS).
Researched so far:
I saw that Lambda@Edge is there to ...
- 39
0
votes
0
answers
38
views
PreFlight problem AWS CloudFront/ABL/NGINX/EC2
The Problem:
getProfile most of times go to PreFlight (but sometimes work right).
Frontend Host: AWS S3/CloudFront and Backend Host: AWS EC2
FRONTEND
client.js
import axios from "axios";
...
- 21
0
votes
1
answer
301
views
WAF not being attached to a Cloudfront due to issue in scope in Terraform
I'm defining a Cloudfront with a WAF using Terraform.
The relevant parts of my code are:
resource "aws_cloudfront_distribution" "cloudfront" {
origin {
origin_id = &...
- 737
0
votes
0
answers
34
views
NextJS 14, SSR and CloudFront caching initial empty searchParams
I am attempting to get a NextJS 14 SSR app to work with cloudfront. The initial load uses searchParams which are always empty. So CloudFront caches the empty response.
Here is the SAM template section ...
- 40.5k
2
votes
0
answers
75
views
502 errors in ECS ALB
I have nodejs aplication with nestjs. There a different endpoints, some of them respond quickly, and others could run for tens of seconds.
Architecture in aws:
waf -> cloudfront -> alb -> ecs
...
- 21
2
votes
1
answer
128
views
Does the Cache Policy in AWS Cloudfront allow for Wildcards in the query string?
I want to configure the Cloudfront Cache Policy as "Include all query strings except...". The exceptions should include various tracking query strings, such as the utm_* parameters. ...
- 404
1
vote
0
answers
75
views
How to Automatically Provision CDN(CLOUDFRONT) which points to LB(ELB) with Kubernetes and External-DNS?
I'm learning Kubernetes (K8s) and have a question regarding cloud infrastructure provisioning with Kubernetes and external-dns.
ROUTE 53 ---> CLOUDFRONT (SSL TERMINATION) ----> ELB --------> ...
- 73
0
votes
0
answers
57
views
Cloudfront lambda@edge serve content from Amplify?
I want to serve page content from multiple resources.
I have successfully served content from S3 by setting Lambda@Edge as following
export const handler = async (event) => {
const request = ...
- 21
1
vote
1
answer
275
views
Lambda@edge error handling with async/await (nodejs)
I've been creating lambda@edge functions to do various actions on a viewer request event from cloudfront.
Most examples I can find seem to use callbacks but I wanted to use the async/await pattern ...
- 397