Mahagney Saleh
Reputation: 117
AccessDenied when generate signed url for Amazon s3 using aws-cloudfront-sign and node.js
I created a bucket on s3 and added a HTML file, after this I created a Cloud Front key pair using my root user and added a Cloud Front Distribution for that bucket. Tried to access the object using that distribution and it worked, than I restricted access to the bucket using Behaviour and selected "self".
Finally I generated a signed url from node js and tested it using Postman.
The problem is that I always get AccessDenied.
<Error>
<Code>AccessDenied</Code>
<Message>Access denied</Message>
</Error>
Here is my code.
const cfsign = require("aws-cloudfront-sign");
var signingParams = {
keypairId: process.env.PUBLIC_KEY,
privateKeyPath: "./aws/Y3PA.pem",
expireTime: (new Date().getTime() + 999999999)
};
// Generating a signed URL
signedUrl = () => {
console.log("url created " + process.env.PUBLIC_KEY);
return cfsign.getSignedUrl(
"xxxx.cloudfront.net/test.html",
signingParams
);
}
Upvotes: 0
Views: 531
Answers (1)
Michael - sqlbot
Reputation: 179404
The scheme is part of the URL that is required as input to the signature algorithm, so your error is lilely to be here:
cfsign.getSignedUrl("xxxx.cloudfront.net/...
Instead of that, you need this:
cfsign.getSignedUrl("https://xxxx.cloudfront.net/...
Upvotes: 2
Related Questions
- AWS cannot signed CloudFront urls
- Issues generating CloudFront signed URLs; always Access Denied
- AWS CloudFront with Signed URL: 403 Access Denied
- Creating signed url for amazon cloudfront using javascript
- Creating signed S3 and Cloudfront URLs via the AWS SDK
- Access denied for AWS CloudFront signed URL
- How to connect my Pre-signed URL bucket in s3 to cloud-front
- S3-backed CloudFront and signed URLs
- Should I be getting a Cloudfront ‘MissingKey’ error when using an unsigned URL to access a public-read S3 object?
- Amazon S3 Signed URL and Cloudfront - Access Denied