Hey folks, I'm new to AWS and I'm currently setting up a static site using S3, CloudFront, Cognito, Lambda, and API Gateway. I have two S3 buckets: one public for my HTML files and one private for videos, both managed through CloudFront. Cognito handles user authentication without a custom domain. My videos in the private bucket are accessed via a CloudFront distribution connected to a Lambda function, which provides signed URLs through an API Gateway. Everything has been working smoothly until I attempted to implement CORS. Now, the videos won't play, and I get a CORS issue when fetching API OPTIONS. Despite using tools like ChatGPT and CloudAI for guidance, I'm stumped. The CORS settings seem correct with GET, POST, and OPTIONS methods enabled. I'm looking for any tips on how to successfully manage CORS for my private video access and the static site. I'm still learning, so any help would be greatly appreciated!
3 Answers
You’ll want to make sure that CORS is properly configured on your private bucket to allow requests from your CloudFront URL. Double-check the settings to ensure they're in order!
Let me know if you find anything! I feel like the issue might be more linked to the API's CORS settings.
Can you provide more details about your architecture? For example, how many CloudFront distributions do you have and the purpose of your public bucket? Using API Gateway can help manage multiple origins without needing CORS for everything.
CORS is designed to prevent cross-domain requests, and if your setup uses multiple domains (even subdomains), you need to adjust your CORS policy. Either configure it to allow the specific domains you’re working with, or temporarily remove CORS while you test things out.
Thanks for the insight! I might try the removal option temporarily during testing.
I’ve already set that up, but I’ll double-check everything just to be safe.