以下の構成手順概要の通り実装した際に、独自ドメインからS3のバケットURLに307リダイレクトされてしまうという現象が発生しましたので記録しておきます。
この現象が発生した際に、curl –verbose をやってみたので以下に記載しておきます。
HOGE:~ $ curl -verbose https://hoge.com/hoge.txt
* Trying 13.32.54.52...
* TCP_NODELAY set
* Connected to hoge.com (13.32.54.52) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / xxx
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=hoge.com
* start date: Sep 11 00:00:00 2019 GMT
* expire date: Oct 11 12:00:00 2020 GMT
* subjectAltName: host "hoge.com" matched cert's "hoge.com"
* issuer: C=US; O=Amazon; OU=Server CA 1B; CN=Amazon
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7fcd1f805000)
> GET /hoge.txt HTTP/2
> Host: hoge.com
> User-Agent: curl/7.54.0
> Accept: */*
> Referer: rbose
>
* Connection state changed (MAX_CONCURRENT_STREAMS updated)!
< HTTP/2 307
< content-type: application/xml
< location: https://hoge-robots.s3-ap-northeast-1.amazonaws.com/hoge.txt
< x-amz-bucket-region: ap-northeast-1
< date: Thu, 12 Sep 2019 07:02:40 GMT
< server: AmazonS3
< x-cache: Miss from cloudfront
< via: 1.1 xxx.cloudfront.net (CloudFront)
< x-amz-cf-pop: NRT57-C1
< x-amz-cf-id: xxx==
<
<?xml version="1.0" encoding="UTF-8"?>
* Connection #0 to host hoge.com left intact
<Error><Code>TemporaryRedirect</Code><Message>Please re-send this request to the specified temporary endpoint. Continue to use the original request endpoint for future requests.</Message><Endpoint>hoge.s3-ap-northeast-1.amazonaws.com</Endpoint><Bucket>hoge</Bucket><RequestId>xxx</RequestId><HostId>xxx+xxx/xxx/xxx=</HostId></Error>
http 307リダイレクト
307リダイレクトは一時的なリダイレクトです。以前まで302リダイレクトでしたが、302の規格外の使用方法が横行した為、新たに採番されたようです。
原因
結論、キャッシュでした。CloudFrontデプロイ後、1時間ほど様子を見ていたら勝手に直りました。
CloudFrontまとめ記事
以下にまとめました。