1 Resposta
- Mais recentes
- Mais votos
- Mais comentários
0
Hi,
You should look at this page to understand the full mechanism: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-signed-urls.html
Section "How signed URLs work" say:
CloudFront uses the public key to validate the signature and confirm that the URL hasn't
been tampered with. If the signature is invalid, the request is rejected.
If the signature is valid, CloudFront looks at the policy statement in the URL (or constructs
one if you're using a canned policy) to confirm that the request is still valid. For example,
if you specified a beginning and ending date and time for the URL, CloudFront confirms that
the user is trying to access your content during the time period that you want to allow access.
If the request meets the requirements in the policy statement, CloudFront does the standard
operations: determines whether the file is already in the edge cache, forwards the request to
the origin if necessary, and returns the file to the user.
Best,
Didier
Conteúdo relevante
- AWS OFICIALAtualizada há 2 anos
- AWS OFICIALAtualizada há 2 anos
- AWS OFICIALAtualizada há 2 anos
Hi Didier,
Thank you for pointing this out; I've been on this page but missed these last steps describing the procedure. Based on this, would it be the correct assumption that after CloudFront validates the signature and expiry and other related access parameters, it will strip all these parameters and look in the cache only the file? For two recurring requests with different signatures to the same object from the same location, my first request will be forwarded to the origin, and the second, I will get from the cache, even if my Caching policy is
CachingOptimized
.Hi, thanks for accepting my answer. Yes, my understanding is that CF looks in the cache if the policy allows and then goes to origin if needed. Re CachingOptimized doc says "CloudFront doesn't include any query strings or cookies in the cache key, and only includes the normalized Accept-Encoding header" see https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html#managed-cache-caching-optimized