By using AWS re:Post, you agree to the AWS re:Post Terms of Use

Can OAC sign POST requests to cloudfront with a function URL behind?

0

I’ve set up a function url to respond to a webhook which works when I point the webhook at the url and the AUTH_TYPE is set to NONE.

When I add a cloud front distribution with the correct permissions (and OAC that is setup to sign all requests) in front and call the distribution URL using a GET request everything is good.

However when I make a POST request (with data in the body of the request) I get an InvalidSignatureException.

I thought that OAC would sign requests? Or can it not handle POST requests?

Should/Can I use a Lambda@Edge to sign the request “in transit”?

1 Answer
2

Hello.

Judging from the answer at the URL below, it seems that the problem can be resolved by signing using something like Lambda@Edge or by including the "x-Amz-Content-Sha256" header containing the hash of the payload in the request.
https://repost.aws/ja/questions/QUbHCI9AfyRdaUPCCo_3XKMQ/lambda-function-url-behind-cloudfront-invalidsignatureexception-only-on-post

profile picture
EXPERT
answered 5 months ago
profile picture
EXPERT
reviewed 5 months ago
  • That's what I thought but that was from a couple of months ago so I thought I'd check to see if anything had changed since.

  • I also tried a POST request, but it resulted in an error, so I think it probably hasn't been changed.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions