AWS Cloudfront Signed Cookie Local Setup

2
votes

I've been attempting to get cloudfront signed cookies setup for a site to make getting HLS manifest segment files easier to authenticate. Setting up the cloudfront origin and code in a live environment seems simple enough looking at resources like

What I'm trying to figure out is if it's possible to to have this working in a local environment (localhost) prior to deploying the initial solution. Cloudfront itself will forward to the live origin which will set the cookies for cloudfront and continue on as normal, but since the code isn't live this will not work until deployed.

Seems like a chicken and egg problem here where I need it live to use it, but can not test it (with code or manually) without it deployed.

Any thoughts here?

1
amazon-web-servicesamazon-cloudfront
Since there isn't a charge for provisioning CloudFront distributions, my practice is to set up a separate distribution for testing... the only way to really test CloudFront is to use CloudFront ... but that doesn't feel like very useful advice, so I may be missing what you're really asking. - Michael - sqlbot
Does this involve just setting up an origin to be the IP of your local computer for request forwarding? If that's the case it seems like you would have to setup another cloudfront distribution as well as deal with opening the local server to the outside world for every project developer. Not really a feasible solution if so. - Ryan Q
Origin has to be a hostname, rather than an IP, or you'll receive the error The parameter origin name cannot be an IP address... but yes, that's essentially what's involved. I use an exposed HAProxy server with multiple hostnames pointing to its single external address, to selectively route HTTP requests inside based on the incoming host header and source IP rules, rather than directly opening internal machines to the 'net. I also have an Internet-exposed pre-launch QA/test environment, identical to production except the hostnames pointing to it. - Michael - sqlbot
Ah that makes more sense. Appreciate the posts. If you post that as the answer I'll accept it for you. - Ryan Q
For local setup, you can generate cookies through your app and set them via browser extension e.g. "EditThisCookie" extension in Chrome. - eadam

1 Answers

0
votes

You'd not be able to test/run it properly on your localhost. When you try to set cookies for your CloudFront URL, you'll encounter cross domain issue. I'd recommend you to try generate signed URL first. If signed URL works, that means you're on the right direction. Setting up a cookie cannot go wrong as long as you've properly set CNAME in the CloudFront Web distribution and CloudFront URL records are set within your domain provider.