I've got a CloudFront distribution with a custom origin defined. When I hit the CloudFront distribution, it returns a 200 and an empty response.
< HTTP/2 200
< content-type: application/json
< content-length: 4
< date: Fri, 16 Sep 2022 22:20:57 GMT
< x-amzn-requestid: d69e704c-114d-4bc9-9e09-e13a6c7bfd16
< x-amz-apigw-id: Ykt_gEMKFiAFZhw=
< cache-control: no-store
< x-amzn-trace-id: Root=1-6324f6c9-097c1ba13e2f509623b719ee;Sampled=0
< x-cache: Miss from cloudfront
< via: 1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
< x-amz-cf-pop: FRA56-C1
< x-amz-cf-id: F-cU2kxROk9jWk61DMa7WSZ-V04FL43uZnDCxGloujKMQnoY68JPKQ==
<
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* Connection #0 to host my.cloudfront.com left intact
When I hit the origin directly, I get a 500 and an error.
< HTTP/2 500
< date: Fri, 16 Sep 2022 22:22:50 GMT
< content-type: text/plain
< content-length: 654
< x-amzn-requestid: 5a1e61a6-c8e0-4014-9b22-7b621379c7c9
< x-amz-apigw-id: YkuRDEL1liAFkdQ=
< x-amzn-trace-id: Root=1-6324f739-5ee2c4f27e3f986653b634ad;Sampled=0
<
Traceback (most recent call last):
File "/var/task/chalice/app.py", line 1913, in _get_view_function_response
response = view_function(**function_args)
File "/var/task/app.py", line 16, in _exec
r = func(*args, **kw)
File "/var/task/app.py", line 34, in login
token = get_token(code)
File "/var/task/chalicelib/cognito.py", line 36, in get_token
response.raise_for_status()
File "/var/task/requests/models.py", line 1021, in raise_for_status
raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 400 Client Error: Bad Request for url: https://mybackend.auth.us-east-1.amazoncognito.com/oauth2/token
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* Connection #0 to host my.origin.com left intact
I don't know how to check if it's edge or regional; the price class is "Use only North America and Europe" if that helps. And I'm not using Cognito with CloudFront — that's integrated into the Chalice app I'm running, and I expect the error. I just don't understand why it's not propagating to the front end.
The origin domain is set correctly, I have no custom error pages defined, and the routing seems to be correct — I get different responses if I hit routes that don't exist.
What's going on?
AWS OFFICIALUpdated 2 years ago
Hi, @catsclaw
Is your origin API Gateway?
What mode of API Gateway are you using, edge? regional?
Your API Gateway probably has Cognito authentication configured and seems to be failing that authentication. Do you have any idea?
You should get a 500 error on CloudFront too...Are your origin settings and routing in API Gateway configured correctly?