I have an ELB that I want to put behind CloudFront. Let's say the ELB is example.us-east-1.elb.amazonaws.com. It only accepts requests with the Host header set to www.example.com, which I now want to host with CloudFront. Is it possible to tell CloudFront to use this Host
header? When I try to set the Host
header in the AWS console for CloudFront, I receive the error message com.amazonaws.services.cloudfront.model.InvalidArgumentException: The parameter HeaderName : Host is not allowed. (Service: AmazonCloudFront; Status Code: 400; Error Code: InvalidArgument; Request ID: dead-beef-badc0ffee1)
.
CloudFront Custom Headers – How to Send Custom Host Header with CloudFront
amazon-cloudfrontamazon-web-services
Best Answer
Presumably, if the service on the ELB only answers to
www.example.com
then that's the hostname you're going to be pointing to CloudFront -- so, your solution is straightforward: in the Cache Behavior settings, whitelist theHost
header for forwarding to the origin.In this configuration, CloudFront passes through the
Host
header sent by the browser, which must be added to the list of Alternate Domain Names in the distribution's configuration. Requests fordzzzexample.cloudfront.net
will fail, because your origin won't understand them, but that's usually good, because you don't want to have search engines indexing your content under the CDN domain name.However, that might not be your plan. If that configuration won't work for your application, you need a Lambda@Edge Origin Request trigger to modify the
Host
header.Note that the
Host
header is immutable in an Origin Request trigger unless you configure the Cache Behavior to whitelist theHost
header as described above. In this case, you're whitelisting theHost
header set by the Lambda@Edge trigger, rather than the one from the browser, but the CloudFront configuration is the same.You can't use
Host
in the static Custom Origin Headers configuration in CloudFront -- that's not a supported configuration. The Lambda trigger has the same effect that setting would have, if it were permitted.