S3 sign url with cloudfront

I want to use localstack to mock the following:

  1. S3 bucket that contains files
  2. cloudfront cdn that signed URL for objects in S3 and serve them.

I have a service that sign URL as such

https://<cdn domain>/<dir>/file.txt?Expires=0000&Key-Pair-Id=YYY&Signature=XXX

however I can’t seem to mock it with localstack.
I followed the instructions here https://docs.localstack.cloud/user-guide/aws/cloudfront/ (I know this is not signed but this is where I got stuck) but after setting the cloudfront I get refused connection on the curl command.

any help with this setup would be appreciated.

I use this docker-compose file:

version: ‘3.8’
container_name: “aws-mock”
image: localstack/localstack-pro
- “4566:4566”
- SERVICES=secretsmanager,s3,cloudfront
- DOCKER_HOST=unix:///var/run/docker.sock
- “${TMPDIR:-/tmp}/localstack:/tmp/localstack”
- “/var/run/docker.sock:/var/run/docker.sock”

Hi @Hein,

Could you please give a try to a default docker-compose.yml file and see if the connection issue is still there?
Using DEBUG=1 and LS_LOG=trace should give you more details within the LocalStack logs.

version: "3.8"

    container_name: "${LOCALSTACK_DOCKER_NAME-localstack_main}"
    image: localstack/localstack-pro  # required for Pro
      - ""            # LocalStack Gateway
      - ""  # external services port range
      - ""                # DNS config (required for Pro)
      - ""            # DNS config (required for Pro)
      - ""              # LocalStack HTTPS Gateway (required for Pro)
      - DEBUG=1
      - LS_LOG=trace
      - LOCALSTACK_API_KEY=${LOCALSTACK_API_KEY-}  # required for Pro
      - DOCKER_HOST=unix:///var/run/docker.sock
      - "${LOCALSTACK_VOLUME_DIR:-./volume}:/var/lib/localstack"
      - "/var/run/docker.sock:/var/run/docker.sock"

thank you very much. I guess I was missing the ports from what I can see.
can you also explain how to configure URL signer since I didn’t find any documentation about this?

Hi @Hein,

I do not believe that all the operations are yet to be implemented in LocalStack to make it work.
Could you please create a Feature request in this forum and share your use case with a small example?

This will help us to include it on our roadmap.

Thank you.

Oh, I see now that operations regarding public keys are not supported yet.
Thanks for the help