Home > OS >  AWS Lambda@Edge/Cloudfront execution flow
AWS Lambda@Edge/Cloudfront execution flow

Time:11-24

I am refactoring a project from a third-party company where they add two different Lambda@Edge functions which are triggered by CloudFront.

enter image description here

Basically, the flow is following:

  1. When users call S3 file from web app -> CloutFront fire event which will call Lambda@Edge.
  2. There are two Lambdas: one for counting downloads per user and another one to restrict access.

The problem is that solution is not working and missing a download count check.

What is the execution workflow for Lambda@Edge attached to the same event? I am thinking of placing all the logic inside of one Lambda as I am afraid that counting can happen earlier than access denied. However taking in consideration that lambda@edge have execution time limitation

CodePudding user response:

The documentation is available enter image description here

When a user requests a file there is a viewer request. If the file is in the cache, then a viewer response follows. There is no origin request. For this reason you should authenticate your users on a viewer request.

When the file isn't in the cache, there is an origin request. This is when the file is downloaded from S3.

You could have the logic in a single Lamda@Edge, but you could also:

  • Authenticate users on Viewer Request.
  • Count downloads on Viewer Response. A Viewer Response event will be triggered regardless, if there is cache hit or not, but not when the origin returns an HTTP status code of 400 or higher.
  • Related