A third-party program needs to access static files from our CDN. The issue is that, instead of fetching these files via GET, they are making this request via POST.

When testing this POST => cdn.company.com/somefile, I get:

<?xml version="1.0" encoding="UTF-8"?>
<Error>
    <Code>MethodNotAllowed</Code>
    <Message>The specified method is not allowed against this resource.</Message>
    <Method>POST</Method>
    <ResourceType>OBJECT</ResourceType>
</Error>

The CloudFront behavior is set to support all methods:

[Image: cache behavior]

And the CORS configuration includes the POST method:

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
    <AllowedOrigin>*</AllowedOrigin>
    <AllowedMethod>GET</AllowedMethod>
    <AllowedMethod>POST</AllowedMethod>
    <MaxAgeSeconds>2592000</MaxAgeSeconds>
    <AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>

Not sure what else needs to be done. My suspicion is that S3 (correctly) assumes a POST is trying to add information to the bucket, where it should just return the file at the path. Is this possible with CloudFront to S3? Do I need to forward the request to a Lambda which will download the file instead?

micah
  • The third party program is broken. They really need to use the *correct* verb for the action they are taking, which is `GET`. Should you fix this for them by creating a workaround? Arguably not, but if it's necessary for whatever reason, there is another question that will determine your options: how large are the objects? – Michael - sqlbot Dec 15 '18 at 19:37
  • I completely agree with you, Michael. The problem is the third party program is Apple. The object is about 250kb zipped – micah Dec 16 '18 at 00:56
  • Are you absolutely sure that this is the right diagnosis of the problem you are trying to solve? Can you provide any more context, maybe a link to some Apple docs? I'd hate to solve the wrong problem. – Michael - sqlbot Dec 16 '18 at 04:10
  • https://developer.apple.com/library/archive/documentation/NetworkingInternet/Conceptual/NotificationProgrammingGuideForWebsites/PushNotifications/PushNotifications.html. Under "Downloading Your Website Package", a POST request instead of a GET request is used, meaning the push package cannot be served by S3 directly – micah Dec 16 '18 at 16:59

1 Answer

S3 only supports GET and HEAD, so you can't send a POST request (see related).

You can write a Lambda@Edge function that replaces the request POST method with GET before sending it to the origin (S3). No need to download the file locally.

LiorH
  • The HTTP method is listed as read-only in Lambda@Edge. https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-event-structure.html – Michael - sqlbot Dec 15 '18 at 19:31
  • You're correct for view request lambda, but I believe the origin request method can be modified. – LiorH Dec 15 '18 at 19:40
  • I was worried I'd need the Lambda@Edge to fetch the contents from S3 and return. Are you saying I can just modify the method and forward it on? That would be the best scenario! – micah Dec 16 '18 at 00:58
  • Marking this as the answer as it got me closest. Unfortunately, you cannot change the origin method in edge. The solution is gross, but you have to use the edge lambda to fetch the S3 and return it directly in the response body (change content-type and use b64 encoding). Making the edge lambda only useful compared to a normal lambda in that it's globally distributed – micah Dec 16 '18 at 17:01
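
The workaround described in the last comment, sketched as an added example (not code from the thread or from AWS): a Node.js origin-request handler that answers POST itself, but only for allow-listed paths, so the request URI never selects an arbitrary bucket key. The route table, key names, the injected `getObject` reader and the size cap are assumptions.

```javascript
// Added example. Constructed allow-list: request URI -> S3 key.
// The URI is looked up, never used as a key, so POST cannot reach other objects.
const POST_ROUTES = new Map([
  ['/v2/pushPackages/web.com.example.site', 'pushPackages/site.zip'],
]);
// Assumed cap for a Lambda-generated response on an origin trigger (headers + body).
const MAX_GENERATED_BYTES = 1024 * 1024;

function plain(status, statusDescription, headers = {}) {
  return { status, statusDescription, headers, body: statusDescription };
}

// Decide what to do with a request: forward it, reject it, or serve an object.
function route(request) {
  if (request.method !== 'POST') return { action: 'forward' }; // GET/HEAD go to S3 as usual
  const key = POST_ROUTES.get(request.uri);
  if (!key) {
    const allow = { allow: [{ key: 'Allow', value: 'GET, HEAD' }] };
    return { action: 'respond', response: plain('405', 'Method Not Allowed', allow) };
  }
  return { action: 'fetch', key };
}

// Wrap object bytes in the generated-response shape, refusing oversized bodies.
function toResponse(bytes, contentType) {
  const body = bytes.toString('base64'); // base64 grows the payload by about a third
  if (Buffer.byteLength(body) > MAX_GENERATED_BYTES - 1024) { // leave room for headers
    return plain('502', 'Bad Gateway');
  }
  return {
    status: '200',
    statusDescription: 'OK',
    headers: { 'content-type': [{ key: 'Content-Type', value: contentType }] },
    bodyEncoding: 'base64',
    body,
  };
}

// getObject(key) -> Promise<Buffer> is injected; in a deployment it would wrap an S3 read.
function makeHandler(getObject) {
  return async (event) => {
    const request = event.Records[0].cf.request;
    const decision = route(request);
    if (decision.action === 'forward') return request; // unchanged request goes to the origin
    if (decision.action === 'respond') return decision.response;
    return toResponse(await getObject(decision.key), 'application/zip');
  };
}
```

Any POST outside the allow-list gets a 405 at the edge, and an object too large to return inline yields a 502 rather than a truncated body.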