2022-10-10

Lambda@Edge

What is Lambda@Edge

Lambda@Edge is a unique feature of Amazon CloudFront, designed to provide users with a more efficient serverless computing environment. It allows developers to execute their custom code at edge locations worldwide, bringing it closer to the end-users. This serverless compute service lets you run your code without provisioning or managing servers, thereby streamlining your workflow and reducing the time it takes to get your applications up and running.

How Lambda@Edge Works

The way Lambda@Edge works is relatively straightforward yet ingenious. When an event triggers a CloudFront request (such as an HTTP request), the request is routed to the edge location that is geographically closest to the user. Then, the corresponding Lambda@Edge function is executed, processing the request and sending a response to the user's application.

This process occurs in real-time, allowing developers to manipulate HTTP requests and responses at the edge locations, making decisions based on user-specific factors, such as the device being used, location, or cookies.

Key Components of Lambda@Edge

Lambda@Edge is essentially a system that comprises of several key components:

  • AWS Lambda Function
    A Lambda function is the custom code written by a developer. It can be written in any of the languages supported by AWS Lambda, such as Node.js, Python, or Java.

  • Event Source
    The event source is the entity that triggers the execution of a Lambda function. In the case of Lambda@Edge, the event source would be a CloudFront event.

  • Edge Location
    This is the AWS site closest to the end-user. It is where the Lambda function is executed.

  • Amazon CloudFront
    This is a content delivery network (CDN) service that delivers data, applications, and APIs to customers globally with low latency and high transfer speeds. CloudFront is integrated with AWS services such as AWS Shield for DDoS mitigation.

Assignable CloudFront Events

CloudFront events represent the points in the request handling flow where you can insert a Lambda function. These events provide hooks into the lifecycle of a request and allow developers to insert custom logic at various stages.

Using AWS Lambda with CloudFront Lambda@Edge
Using AWS Lambda with CloudFront Lambda@Edge

Viewer Request

The viewer request event occurs when CloudFront receives a request from a viewer, before it checks in its cache for the requested content. A Lambda function assigned to this event can inspect and modify the request before CloudFront proceeds with the usual process. This is particularly useful for tasks like inspecting cookies to implement A/B testing or rewriting URLs for SEO optimization.

Origin Request

The origin request event is triggered when CloudFront forwards a request to the origin server, after failing to find the requested content in its cache. Lambda@Edge functions attached to this event have a chance to modify the request being sent to the origin. Use cases include generating HTTP requests to secure private content and changing request headers before sending them to the origin server.

Origin Response

The origin response event is invoked when CloudFront receives a response from the origin server but before it stores the response in its cache. This is an opportunity to modify the response from the origin, including changing headers, compressing content, or appending custom headers for caching purposes.

Viewer Response

The viewer response event is the last event in the request handling flow. It happens just before CloudFront sends the response back to the viewer. A Lambda function assigned to this event can manipulate the response, adding or changing headers, or altering the body of the response. This is a perfect point to implement security measures like adding security headers or obfuscating sensitive data.

Lambda@Edge Restrictions

Using Lambda@Edge in your applications provides a multitude of benefits, but it also comes with some restrictions and limitations that developers should be aware of.

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/edge-functions-restrictions.html

Deployment Region Requirement

Currently, all Lambda@Edge functions must be created in the North Virginia (us-east-1) region of AWS. Even though your functions will be run in locations worldwide, the function you create will reside in North Virginia.

Lambda Function Versioning

When you are associating a Lambda function with a CloudFront distribution, you must provide a versioned AWS Lambda function ARN (Amazon Resource Name).

You cannot use the $LATEST version; instead, you need to specify a numeric version of your function or an alias. This is a vital requirement to ensure that CloudFront and your edge locations know exactly which version of your function to execute.

References

https://aws.amazon.com/lambda/edge/
https://docs.aws.amazon.com/lambda/latest/dg/lambda-edge.html
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/edge-functions-restrictions.html

Ryusei Kakujo

researchgatelinkedingithub

Focusing on data science for mobility

Bench Press 100kg!