3

Is it possible to configure my AWS CloudFront distribution to append to the request a custom query param (e.g a private key) before sending it to the origin?

For example, the front end is calling *.cloudfront.net/get and CloudFront forwarding the request to custom-server.com/get?key=MY-PRIVATE-KEY

I didn't find details regarding it online, but did find that you can add custom headers which makes me suspect that it's possible.

If it's indeed possible, a follow-up question would be how can it be done using CloudFormation yaml config code.

Dave M
  • 4,514
  • 22
  • 31
  • 30
Nadav96
  • 131
  • 1
  • 1
    I don't really understand what you're trying to achieve. Sounds like something you might do with Lambda @ Edge or (probably not but worth looking at) the new Cloudfront Functions ( https://aws.amazon.com/blogs/aws/introducing-cloudfront-functions-run-your-code-at-the-edge-with-low-latency-at-any-scale/ ) – Tim May 04 '21 at 22:37
  • @Tim Thanks for the suggestion. I'm aiming to forward a call from the front end to an outside api using an API key that I don't want the world to see, and I was hoping it can be done with the Cloudfront configuration by itself (without lambda edge). You suspect it cannot be done? – Nadav96 May 05 '21 at 20:17
  • Not with CloudFront, that's a CDN. I'd need to see a picture of your architecture to give more suggestions. – Tim May 05 '21 at 22:01

1 Answers1

0

You can update the query string sent to origin with a cloudwatch function that you add to the "Viewer Request" on cloudfront behavior. Here is an example

function handler(event) {
  event.request.querystring.key = {value:'MY-PRIVATE-KEY'}; 
  return event.request;
}
james.c.funk
  • 111
  • 2