x-amzn-ErrorType: ForbiddenException, X-Cache: Error from cloudfront

Hi: wondering if an AWS technical support could look into this to determine why the request is coming back FORBIDDEN ... two requestId's below to compare ...

Request Header (identical for both requests) OPTIONS https://api.flybreeze.com/production/nav/api/nsk/v1/token HTTP/1.1 Host: api.flybreeze.com Connection: keep-alive Accept: / Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Origin: https://www.flybreeze.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36 Edg/111.0.1661.51 Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Sec-Fetch-Dest: empty Referer: https://www.flybreeze.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9

FORBIDDEN Response Header HTTP/1.1 403 Forbidden Content-Type: application/json Content-Length: 23 Connection: keep-alive Date: Thu, 30 Mar 2023 18:51:50 GMT x-amzn-RequestId: 7bb21b87-6ecd-4dc1-8e07-bef8e7172d71 Access-Control-Allow-Origin: * Access-Control-Allow-Headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,Platform x-amzn-ErrorType: ForbiddenException x-amz-apigw-id: Cm8LHG-koAMFlBA= Access-Control-Allow-Methods: OPTIONS,POST X-Cache: Error from cloudfront Via: 1.1 9a63a58e298bfb2c58157beda1f6de12.cloudfront.net (CloudFront) X-Amz-Cf-Pop: DEN52-P1 X-Amz-Cf-Id: Wixm-reIOJukfeov0CcZmEfAy7e1ASejSVj6kmCbqe-BRZyqnUNoYQ==

Response Message {"message":"Forbidden"}

Below is a successful Response Header. Only difference is the ISP. The forbidden call was using fiber.net (host-145.arcadia-srv-216-83-134.fiber.net). The successful call was from the same web browser on the same machine, but tethered to T-Mobile hotspot.

Why would AWS block one request but not the other based on the ISP?

SUCCESSFUL Response Header HTTP/1.1 200 OK Content-Type: application/json Content-Length: 0 Connection: keep-alive Date: Thu, 30 Mar 2023 16:54:08 GMT x-amzn-RequestId: e1e7b624-dc5b-43d1-bfcd-434ee36bd580 Access-Control-Allow-Origin: * Access-Control-Allow-Headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token x-amz-apigw-id: Cmq7qH32IAMFodw= Access-Control-Allow-Methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT X-Cache: Miss from cloudfront Via: 1.1 0c32860274691581031a51698ea82be8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: LAX53-P4 X-Amz-Cf-Id: UlBl6kMeG-q_hD9J_9u9tqeWJOywEwNrtYcPSuQSQKJs3RiuRXApPA==

Response Message: {null}

Topics

Security, Identity, & Compliance Networking & Content Delivery

Relevant content

The request could not be satisfied error coming from cloudfront
edwinevans
asked 7 years ago
Bad request. The request could not be satisfied.
Jorge Soto
asked 2 months ago
502 and 494 Error : The request could not be satisfied by cloudfront
Nash
asked 2 years ago
Wonder if AWS service support is available for TLS versions below 1.2
Accepted Answer
Moby
asked 10 months ago
Why is AWS WAF blocking my request or responding with a 403 Forbidden error?
AWS OFFICIALUpdated 2 years ago
Why is my CloudFront distribution returning an “X-Cache:Miss from CloudFront” response?
AWS OFFICIALUpdated 2 years ago
How do I resolve "403 ERROR - The request could not be satisfied. Bad Request" in CloudFront?
AWS OFFICIALUpdated a year ago
How do I troubleshoot a 502: "The request could not be satisfied" error from CloudFront?
AWS OFFICIALUpdated a year ago
Why is AWS Valuable for Small(er) Nonprofits?
EXPERT
Benjaglu
published a year ago
Leveraging AWS re:Post with an AWS Support Plan
EXPERT
Shiv_M
published 4 months ago