iT邦幫忙

第 12 屆 iThome 鐵人賽

DAY 17
0
自我挑戰組

AWS Certified Solution Architect 系列 第 17

AWS Certified Solution Architect - CloudFront(2)

  • 分享至 

  • xImage
  •  

Lambda@Edge

We can use Lambda@Edge to override the behaviour of request and responses

  1. Viewer request : When CloudFront receives a request from a viewer.
  2. Origin request : Before CloudFront forwards a request to the origin.
  3. Origin response : When CloudFront receives a response from the origin
  4. Viewer response Before CloudFront returns the response to the viewer

https://ithelp.ithome.com.tw/upload/images/20200917/201295608EjUqRBrZQ.png


Protection

By Default a Distribution allows everyone to have access.

  • Original Identity Access(OAI) :
    A virtual user identity that will be used to give your CloudFront Distribution permission to fetch a private object
    https://ithelp.ithome.com.tw/upload/images/20200917/20129560Ap9DlBtkWp.png

    when Restrict viewer Access set to Yes, viewer must use Signed URLs or Signed cookies to access content

    1. Signed URLs :
      It's NOT the same with Presigned URL in S3.
      it's a url with provides temporary access to cached objects
    2. Signed Cookies
      A cookie which is passed along with the request to CloudFront.
      The advantage of using a Cookie rather than Signed URL is you want to provide access to multiple restricted files, so you don't need to generate Signed URLs for every files you want to access.

上一篇
AWS Certified Solution Architect - CloudFront
下一篇
AWS Certified Solution Architect - Route53 (Part 1)
系列文
AWS Certified Solution Architect 30
圖片
  直播研討會
圖片
{{ item.channelVendor }} {{ item.webinarstarted }} |
{{ formatDate(item.duration) }}
直播中

尚未有邦友留言

立即登入留言