By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

[Cloudfront]The Request are failing with error code 403 after enabling ALL_viewer origin request policy

0

We have configured AWS Cloudfront with custom Origin to forward our request to API gateway .As by default QueryStrings are not forwarded to origin . to accommodate new requirement of application , we need to forward QueryStrings to custom origin. But when we enable Origin request policy to forward QueryStrings to Origin(we are using AWS managed "AllViewer" policy for origin request policy ). Once enabled all call to API gateway started failing with error code 403.

Note:- We don't want to cache request for this custom origin.( but it also failing with caching enabled for Querystring)

Topics
ServerlessFront-End Web & MobileNetworking & Content Delivery
Tags
Amazon API GatewayAmazon CloudFrontCaching
Language
English
rePost-User-3719927
asked 2 years ago1491 views
1 Answer
1

This is likely due to the fact that the AllViewer policy also include all request headers. This means that the incoming host header is also being forwarded to the origin. My guess is API Gateway is looking for a different host header than the incoming host header that is being forwarded. The easiest way to resolve this is to use a new custom origin request policy that has query strings set to All, but headers set to none (or only forwarded the appropriate headers that you do need).

profile pictureAWS
Jeremy AWS
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content