Articles → AWS → Signed Cookies In AWS CloudFront

Signed Cookies In AWS CloudFront

Why Signed Cookies?


  1. Create an S3 bucket
  2. Upload a file on the S3 bucket
  3. Create a CloudFront distribution
  4. Create a key pair for the CloudFront
  5. Download the AWS CloudFront cookie signer from GitHub
  6. Change the values in "cookieSign.js"
  7. Install the required node.js package
  8. Generate a token
  9. Access the resource
  10. Output

Create A S3 Bucket

Picture showing a checkbox to block the public access of the S3 bucket

Click to Enlarge

Picture showing selecting the Object Ownership as ACLs enabled

Click to Enlarge

Upload A File On S3 Bucket

Picture showing an image file is uploaded in the S3 bucket

Click to Enlarge

Create A CloudFront Distribution

Origin domain
S3 bucket accessYes, use OAI (bucket can restrict access to only CloudFront)
Origin access identity
Bucket policyYes, update the bucket policy
Viewer protocol policyHTTPS only
Restrict viewer accessYes
Trusted authorization typeTrusted signer
Trusted signersSelf

Picture showing the screen to create the cloudfront distribution

Click to Enlarge

Create A Key Pair For The CloudFront

Picture showing creating the private and public key for cloudfront distribution

Click to Enlarge

Download AWS CloudFront Cookie Signer From GitHub

Change The Values In “Cookiesign.Js”

keyPairIdYour access key Id that was generated in the previous step.
privateKeyContent of the private key value pair file downloaded earlier. The file starts with the word pk.
cfUrlCloudFront URL.
expiryThe expiry date of the future.

Picture showing the format of the private key

Click to Enlarge

Install Required Node.Js Package

npm install aws-sdk
npm install express
npm install body-parser

Generate A Token

node app.js


Picture showing calling the getSignedCookie method using postman

Click to Enlarge

Access The Resource

Picture showing the URL format of the cloudfront using signed cookie

Click to Enlarge


Picture showing the output of Signed cookies in AWS cloudfront

Click to Enlarge

Posted By  -  Karan Gupta
Posted On  -  Monday, March 21, 2022


Your Email Id  
Query/FeedbackCharacters remaining 250