Articles → AWS → Signed Cookies In AWS CloudFront

Signed Cookies In AWS CloudFront

Why Signed Cookies?


  1. Create an S3 bucket
  2. Upload a file on the S3 bucket
  3. Create a CloudFront distribution
  4. Create a key pair for the CloudFront
  5. Download the AWS CloudFront cookie signer from GitHub
  6. Change the values in cookieSign.js
  7. Install the required node.js package
  8. Generate a token
  9. Access the resource
  10. Output

Create A S3 Bucket

Picture showing a checkbox to block the public access of the S3 bucket
Click to Enlarge

Picture showing selecting the Object Ownership as ACLs enabled
Click to Enlarge

Upload A File On S3 Bucket

Picture showing an image file is uploaded in the S3 bucket
Click to Enlarge

Create A CloudFront Distribution

Origin domain[URL of the S3 bucket]
Origin AccessLegacy access identities
Origin access identity[origin access identity]
Bucket policyYes, update the bucket policy
Viewer protocol policyHTTPS only
Restrict viewer accessYes
Trusted authorization typeTrusted signer
Trusted signersSelf

Picture showing setting the value of origin domain
Click to Enlarge

Picture showing setting the origin access
Click to Enlarge

Picture showing setting the viewer protocol policy
Click to Enlarge

Picture showing setting the Restrict viewer access
Click to Enlarge

Create A Key Pair For The CloudFront

Picture showing creating the private and public key for cloudfront distribution
Click to Enlarge

Download AWS CloudFront Cookie Signer From GitHub

Change The Values In Cookiesign.Js

keyPairIdYour access key Id that was generated in the previous step.
privateKeyContent of the private key value pair file downloaded earlier. The file starts with the word pk.
cfUrlCloudFront URL.
expiryThe expiry date of the future.

Picture showing the format of the private key
Click to Enlarge

Install Required Node.Js Package

npm install aws-sdk
npm install express
npm install body-parser

Generate A Token

node app.js


Picture showing calling the getSignedCookie method using postman
Click to Enlarge

Access The Resource

Picture showing the URL format of the cloudfront using signed cookie
Click to Enlarge


Picture showing the output of Signed cookies in AWS cloudfront
Click to Enlarge

Posted By  -  Karan Gupta
Posted On  -  Monday, March 21, 2022


Your Email Id  
Query/FeedbackCharacters remaining 250