<>.cloudfront.net/graphql met with 403


I have an ELB environment, running a simple express/node server on one tiny wee instance (t2.micro) on EC2. It serves up a React Web-app and is the backend to a React-Native mobile-app.

We have pointed a Cloudfront distribution at the environment, and have setup a WAF/Lambda setup to automatically handle blocking of malicious actors.

Whilst we are testing the default security group is so right now the environment url is open to the world.

When I go to the environment url (...elasticbeanstalk.com) it serves up our react web-app and has full functionality, I can log-in fine.

When I go to the cloudfront url (...cloudfront.net) it displays the top-level screens (login or signup) correctly, but the login functionality is not there.

The submit button, which pushes a request to ...cloudfront.net/graphql, is being responded to with a 403 error.

I'm guessing something in my CloudFront setup isn't correct.
-> Does that sound right to you?
-> If so, where would you start with looking?
----> What more would you need to know to be able to diagnose the source of the problem?

Edited by: OliverBrowne on Jan 11, 2019 5:53 AM
edited for clarity

gefragt vor 6 Jahren215 Aufrufe
1 Antwort

The CloudFront Default is to set distributions with only permission for Get and Head. To change this...

CloudFront Console
--> select your Distribution
----> select Behaviours tab
------> select your behaviour (probably the default)
--------> Edit

Change it from Get,Head (the default, first option) to the third option that includes Put.

beantwortet vor 6 Jahren
profile picture
überprüft vor 2 Monaten

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen