AWS Lambda Edge Customization – A Complete Break Down.
A full deep-dive into AWS Lambda@Edge customization,
A step-by-step approach on how Lambda Edge works, & where twtech can tweak things around for its needs.
1. The
concept: Lambda@Edge
Lambda@Edge lets twtech to run custom code at AWS CloudFront edge locations — close to its users to minimize downtime — without provisioning servers.
It’s essentially AWS
Lambda integrated with CloudFront events so twtech can inspect, modify, or generate requests/responses in real
time.
Think of it as:
“A programmable CDN layer.”
2. Lambda@Edge Execution Flow
Lambda@Edge functions run in response to CloudFront events, and can be
attached at different points in
the request/response lifecycle:
|
Event Type |
When It Runs |
Common Uses |
|
Viewer
Request. |
Runs when a request reaches CloudFront before cache lookup. |
Auth, request validation, URL rewriting, geolocation-based
redirects |
|
Origin
Request. |
Runs before forwarding to the origin (after cache miss). |
Dynamic origin selection, header injection, API calls |
|
Origin
Response. |
Runs when the origin sends a response to CloudFront. |
Response transformation, security headers, A/B testing |
|
Viewer
Response. |
Runs before the response is sent to the viewer. |
Add cookies, security headers, compression |
Lambda@Edge gives twtech
deep control over:
·
Headers
→ Add, remove, or modify HTTP headers.
·
Cookies
→ Read, set, or manipulate cookies.
·
URLs
→ Rewrite paths, query strings, redirects.
·
Geo-location
→ Use CloudFront-Viewer-Country
to serve region-specific content.
·
Access
Control → Block/allow users based on IP, device, auth tokens.
·
Content
Transformation → Modify HTML/CSS/JSON before serving.
·
Origin
Routing → Dynamically select a backend (multi-region failover, A/B
testing).
4. How Deployment Works
1.
Create Lambda
Function in us-east-2 (Ohio) — Lambda@Edge requires
this region.
2.
Attach to
CloudFront Event via the CloudFront console or API.
3.
AWS Replicates twtech Code
to all global edge locations.
4.
Code Runs at the
Edge on events twtech has configured.
5. Runtime & Limits
·
Supported runtimes: Node.js & Python
(Java/Go not supported at Edge).
·
Memory:
128 MB – 3,008 MB.
·
Max
execution time:
o Viewer
events → 5 seconds.
o Origin
events → 30 seconds.
·
Package
size limits:
o Compressed:
≤ 1 MB (inline with CloudFront request)
o Uncompressed:
≤ 50 MB
·
No VPC support — runs in AWS’s edge-managed
infra.
6. Security & Compliance
·
IAM
Policies — Limit what the Lambda can access.
·
Data
Privacy — Edge functions see HTTP data; comply with GDPR/CCPA if
processing PII(Personal Identification Information).
· Versioning — Lambda@Edge requires published versions; aliases won’t work without publishing.
7.
Example Customization Scenarios
a)
Geo-based Redirect
# javascript'use strict';exports.handler = async (event) => { const request = event.Records[0].cf.request; const country = request.headers['cloudfront-viewer-country'][0].value; if (country === 'US') { return { status: '302', statusDescription: 'Found', headers: { location: [{ key: 'Location', value: '/fr/index.html' }] } }; } return request;};b) Dynamic Origin Selection
# javascript
'use strict';exports.handler = async (event) => { const request = event.Records[0].cf.request; const hour = new Date().getUTCHours(); if (hour < 12) { request.origin = { custom: { domainName: 'twtechapp.com', protocol: 'https' } }; } else { request.origin = { custom: { domainName: ' twtechapp.com', protocol: 'https' } }; } return request;};8. Costs
·
Lambda@Edge
Execution Cost:
o Charged
per request (GB-seconds) + data transfer.
·
CloudFront
Requests:
o Viewer
requests still incur CloudFront request pricing.
9. Best Practices
·
Keep the function small & efficient (cold starts happen at edge too).
·
Cache results whenever possible.
·
Test in a dev distribution before going global.
·
Use CloudFront test events for simulation.
Avoid long-running computations — Always remember latency is critical at the edge.
No comments:
Post a Comment