AWS announces AWS Interconnect – multicloud (preview), providing simple, resilient, high-speed private connections to other cloud service providers. AWS Interconnect - multicloud is easy to configure and provides high-speed, resilient connectivity with dedicated bandwidth, enabling customers to interconnect AWS networking services such as AWS Transit Gateway, AWS Cloud WAN, and Amazon VPC to other cloud service providers with ease.
Why cloudfront authorize GET method even we enable AWS_IAM for lambda URL
Hello,
I want to ask why cloudfront authorize GET method even we enable AWS_IAM for lambda URL? as I see by default I can use that method without any configuration.
- 言語
- English
- 新しい順
- 投票が多い順
- コメントが多い順
Hello,
CloudFront authorizes GET requests by default for performance reasons., It's designed to handle HTTP requests efficiently, and GET is one of the most common methods used to retrieve data.
AWS_IAM is for security. It verifies if a request is authorized before sending it to your Lambda function.
Both work together: CloudFront handles the request, and AWS_IAM checks if it's allowed.
WHY:
Because CloudFront's cache behavior is typically configured to allow public access to GET requests. To enforce AWS_IAM authorization, you need to ensure that the CloudFront behavior is set up to require signed URLs or restrict access via an origin request policy that includes proper authorization headers. Without these additional configurations, CloudFront will continue to authorize GET requests as it does by default.
Thank you sir, Can you pls give me the link where I can find that information!
AWS Documentation: CloudFront Distribution Configuration
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-working-with.html
https://docs.aws.amazon.com/lambda/latest/dg/urls-configuration.html