Problem
I have Access Denied
for GET request to cloudfront with signed cookies using both canned and custom policy.
Details
-
cdn.example.com
is the alternate domain ofabc.cloudfront.net
, and CNAME is set on both cloudfront and cloudflare. - I expect after
abc.example.com/authorize
,cdn.example.com
is accessible. - I am using PHP with Laravel behind
abc.example.com/authroize
, and the code is as follows.
```
$cloudFront = new Aws\CloudFront\CloudFrontClient([
'region' => 'us-west-2',
'version' => '2014-11-06'
]);
$resourceKey = 'http://cdn.example.com';
$expires = time() + 300;
$signedCookieCannedPolicy = $cloudFront->getSignedCookie([
'url' => $resourceKey,
'expires' => $expires,
'private_key' => 'pk.pem',
'key_pair_id' => 'XXXXXXXXXXXXXX',
]);
$response = Response::success();
foreach ($signedCookieCannedPolicy as $name => $value) {
$response->withCookie(Cookie::make($name, $value, 360, null, 'example.com'));
}
return $response;
```
- The cookies are set for
.example.com
- When I go to
cdn.example.com
, the following message is shown
Thanks in advance.