Skip to content

Instantly share code, notes, and snippets.

@tkuchiki

tkuchiki/memo.md

Created June 5, 2017 03:37
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save tkuchiki/536220dc39026157c8a24db011109033 to your computer and use it in GitHub Desktop.
Save tkuchiki/536220dc39026157c8a24db011109033 to your computer and use it in GitHub Desktop.
Download ZIP
CloudFront + EC2 の構成で、EC2 に直接アクセスしたときは 403 を返す
Raw
memo.md
  • CloudFront の Origin Custom Headers に秘密の鍵を設定する
    • X-Pre-Shared-Key : aen1caixahCha4Eb1aeKohpeeshii7quaiz7eT9Aequae3hophah0uh3lecoquoo みたいな
  • Nginx に以下の設定を入れる
        location / {
            if ($http_x_pre_shared_key = "aen1caixahCha4Eb1aeKohpeeshii7quaiz7eT9Aequae3hophah0uh3lecoquoo") {
                return 200 "OK";
            }
            return 403;
        }
  • WAF は EC2 に使えないようなので、自前でやるしかなさそう

参考

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment