Articles → AWS → Signed Cookies In AWS CloudFront

Signed Cookies In AWS CloudFront






Why Signed Cookies?





Steps




  1. Create a S3 bucket.
  2. Upload a file on S3 bucket.
  3. Create a CloudFront distribution.
  4. Create a key pair for the CloudFront.
  5. Download AWS CloudFront cookie signer from GitHub.
  6. Change the values in "cookieSign.js"
  7. Install required node.js package.
  8. Generate a token.
  9. Access the resource
  10. Output

Create A S3 Bucket




Picture showing a checkbox to block the public access of the S3 bucket

Click to Enlarge



Picture showing selecting the Object Ownership as ACLs enabled

Click to Enlarge


Upload A File On S3 Bucket




Picture showing an image file is uploaded in the S3 bucket

Click to Enlarge


Create A CloudFront Distribution




OptionValue
Origin domain
S3 bucket accessYes, use OAI (bucket can restrict access to only CloudFront)
Origin access identity
Bucket policyYes, update the bucket policy
Viewer protocol policyHTTPS only
Restrict viewer accessYes
Trusted authorization typeTrusted signer
Trusted signersSelf




Picture showing the screen to create the cloudfront distribution

Click to Enlarge


Create A Key Pair For The CloudFront




Picture showing creating the private and public key for cloudfront distribution

Click to Enlarge


Download AWS CloudFront Cookie Signer From GitHub





Change The Values In “Cookiesign.Js”




VariableValue
keyPairIdYour access key Id generated in the previous step.
privateKeyContent of the private key value pair file downloaded earlier. The file starts with the word “pk”.
cfUrlCloudFront URL.
expiryExpiry date of the future.




Picture showing the format of the private key

Click to Enlarge




Install Required Node.Js Package




npm install aws-sdk
npm install express
npm install body-parser



Generate A Token




node app.js




http://localhost:3000/getSignedCookie




Picture showing calling the getSignedCookie method using postman

Click to Enlarge


Access The Resource




Picture showing the URL format of the cloudfront using signed cookie

Click to Enlarge




Output


Picture showing the output of Signed cookies in AWS cloudfront

Click to Enlarge


Posted By  -  Karan Gupta
 
Posted On  -  Monday, March 21, 2022

Query/Feedback


Your Email Id  
 
Subject 
 
Query/FeedbackCharacters remaining 250