API Gateway Origin of Cloudfront Behavior giving 403 forbidden
For hosting a webiste I am using a cloudfront distribution under someurl.com. It has a behavior that forwards requests arriving under path path to an API Gateway apigatewayurl.com what hosts an API the website should make use of.
I can reach the API Gateway but problem starts when I do add authorization: I get 403 forbidden.
Authorization should work through a custom authorizer using cookie which is set under the domain someurl.com. The authorizer works fine, I tested that one using the regional API endpoint.
When only adding the authorization my request is blocked at the API Gateway what makes sense as Cloudfront does not forward cookies. I get 403 - unauthorized and I can see in the API Gateway logs that the request makes it to API Gateway.
To forward cookies I added 'ViewerAll' origin policy to the behavior but then API Gateway is not even reaching API Gateway, I do not get any log. My call returns 403 - forbidden.
Any ideas why I get 403 once I enable origin policy in order to forward cookies?
- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
after some more tries I found a solution. It looks like the origin request policy is not sufficient. I introduced a caching policy and removed the origin request policy what solved the issue. What is cached is forwarded.
Relevanter Inhalt
AWS OFFICIALAktualisiert vor 2 Jahren- AWS OFFICIALAktualisiert vor 2 Jahren
- AWS OFFICIALAktualisiert vor einem Jahr
- AWS OFFICIALAktualisiert vor einem Jahr