Articles → AWS → Signed Cookies In AWS CloudFront

Signed Cookies In AWS CloudFront






Why Signed Cookies?





Steps




  1. Create an S3 bucket
  2. Upload a file on the S3 bucket
  3. Create a CloudFront distribution
  4. Create a key pair for the CloudFront
  5. Download the AWS CloudFront cookie signer from GitHub
  6. Change the values in cookieSign.js
  7. Install the required node.js package
  8. Generate a token
  9. Access the resource
  10. Output

Create A S3 Bucket




Picture showing a checkbox to block the public access of the S3 bucket
Click to Enlarge



Picture showing selecting the Object Ownership as ACLs enabled
Click to Enlarge


Upload A File On S3 Bucket




Picture showing an image file is uploaded in the S3 bucket
Click to Enlarge


Create A CloudFront Distribution




OptionValue
Origin domain[URL of the S3 bucket]
Origin AccessLegacy access identities
Origin access identity[origin access identity]
Bucket policyYes, update the bucket policy
Viewer protocol policyHTTPS only
Restrict viewer accessYes
Trusted authorization typeTrusted signer
Trusted signersSelf




Picture showing setting the value of origin domain
Click to Enlarge

Picture showing setting the origin access
Click to Enlarge

Picture showing setting the viewer protocol policy
Click to Enlarge

Picture showing setting the Restrict viewer access
Click to Enlarge


Create A Key Pair For The CloudFront




Picture showing creating the private and public key for cloudfront distribution
Click to Enlarge


Download AWS CloudFront Cookie Signer From GitHub





Change The Values In Cookiesign.Js




VariableValue
keyPairIdYour access key Id that was generated in the previous step.
privateKeyContent of the private key value pair file downloaded earlier. The file starts with the word pk.
cfUrlCloudFront URL.
expiryThe expiry date of the future.




Picture showing the format of the private key
Click to Enlarge




Install Required Node.Js Package




npm install aws-sdk
npm install express
npm install body-parser



Generate A Token




node app.js




http://localhost:3000/getSignedCookie




Picture showing calling the getSignedCookie method using postman
Click to Enlarge


Access The Resource




Picture showing the URL format of the cloudfront using signed cookie
Click to Enlarge




Output


Picture showing the output of Signed cookies in AWS cloudfront
Click to Enlarge


Posted By  -  Karan Gupta
 
Posted On  -  Monday, March 21, 2022

Query/Feedback


Your Email Id  
 
Subject 
 
Query/FeedbackCharacters remaining 250