How to configure Cloudfront Custom Cache Policy to consider all query parameters except one
I have an AWS Elastic Beanstalk instance that deals with search queries from my application, and a AWS CloudFront instance that caches duplicate queries because its cost a lot less if CloudFront can satisfy request rather than Elastic Beanstalk.
Currently the CloudFront behaviour uses the Legacy Cache Settings option and is set to include All Query strings. This is need because this is where the search query is
e.g
?license1=licensekey&type=release&query=reid:12345564 AND src=22&limit=1&offset=0
but notice I have one parameter called license1 and I want it to ignore this so that two queries with a different license key
?license1=123456&type=release&query=reid:12345564 AND src=22&limit=1&offset=0
?license1=i979798&type=release&query=reid:12345564 AND src=22&limit=1&offset=0
will both retrieve the same cached element from CloudFront, but currently I just set it to the same value for everyone because I don't know how to do this. The license1 field is only of interest to ElasticBeanstalk, and I want CloudFront to ignore this.
I was looking at the Create Custom Cache Policy option and this has an additional option of Include all query strings except and I was hoping I could use to just ignore the license1 parameter but I'm not sure works this way, I don't understand what I have to enter as the query String here.
I have resolved the issue
- Create a policy to use as a Cache Policy select the include all query strings except option and add the license1 field to the Block list
Create another policy to use as the Origin request policy, this determines what is sent to the server if CloudFront has a miss. If not specified it will use the Cache policy and therefore strip out the license1 field which we don't want, so for this one we set Query strings - All
Then we use both in our CloudFront instance
I also then temporarily enabled Standard Logging in CloudFront and did some tests to ensure that including license1 with different values from different users still allowed for a Hit if the actual search query was the same. Its slightly confusing because the CloudFront logs show the url with license1 included even though ignored by CloudFront, but it worked as expected
And I also checked server to ensure the license1 value was coming through when CloudFront had a miss.
- AWS Lambda container (aws-nuke) exits with Runtime.ExitError even though process returns exit code 0
- Where in the aws management console to modify elastic beanstalk health check url?
- Can we remove a security group from an running EC2 instance?
- "module 'os' has no attribute 'add_dll_directory'" in aws lambda function
- AWS Lex descriptive bot builder
- How can I check an AWS SQS queue is available before accessing it?
- What is an 'invalid principal' in an AWS cloud formation error message?
- Terraform launch EC2 condition based on count
- Pod is using node group role instead of service account in aws eks with an up to date AWS SDK
- Can't enable EnableExecuteCommand in ECS service blue/green
- CloudFormation, apply Condition on DependsOn
- How to deploy an AWS Amplify app from GitHub Actions?
- AWS - How to install java11 on an EC2 Linux machine?
- Redshift cannot parse response from python lambda
- couldn't get current server API group list: the server has asked for the client to provide credentials error: You must be logged in to the server
- How can I set the AWS API Gateway timeout higher than 30 seconds?
- AWS moving large amount of objects
- Extract data and sibling node from sub-array
- How is it possible to debug an AWS Lambda function from remote?
- Getting "No AWS accounts are available to you" when using aws configure sso
- What are the differences between AWS Cloud HSM and KMS?
- Build IcebergSinkConnector with AWSKafkaAvroConverter for MSK Connect
- How to avoid full table scan in Glue's create_dynamic_frame.from_options for dynamodb
- AWS CodeDeploy: stuck on install step
- How to debug a failed systemctl service (code=exited, status=217/USER)?
- Hot partition problem in DynamoDB gone with the new on-demand feature?
- Add image files into react state using 'useState'
- WGET seems not to work with user data on AWS EC2 launch
- Automating access to models in AWS Bedrock
- Unable to submit (resubmit?) use case for model access