24

I have created an AWS Lambda with the new function URL feature enabled.

Since the URL isn't that easy to remember, I would like to create a Route 53 alias like lambda.mywebsite.com.

There is no Route 53 alias for Lambda function URLs in the drop-down menu for aliases in Route 53.

How can I call my AWS Lambda function URL via a custom domain?

Is a CNAME record the way to go?

Ermiya Eskandary
  • 15,323
  • 3
  • 31
  • 44
Kaguei Nakueka
  • 993
  • 2
  • 13
  • 34

3 Answers3

22

How can I call my AWS Lambda function URL via a custom domain?

If you must use an AWS Lambda function URL, fronting it with a CloudFront distribution with your desired custom domain name is the only way currently.

There is no support currently for a Route 53 alias record, as the Host header must be set to the Lambda function URL domain. If the Host header does not exist, HTTP 400 Bad Request is returned & if it does exist but is not the correct value, HTTP 403 Forbidden is returned.

They are meant to be the simplest & fastest way to invoke your Lambda functions via a public endpoint without using other AWS services like API gateway, so a native lack of support for a custom domain name makes sense.

Ermiya Eskandary
  • 15,323
  • 3
  • 31
  • 44
  • thanks for the answer! do you know why invoking the lambda function URL via the browser seems to invoke the function, but invoking the same URL via postman does not invoke the function and gets an error saying the server cannot be reached? – Crashalot Apr 12 '22 at 20:58
  • Have you actually tried this or are you guessing? Reason I ask is that I tried it and accessing via the on.aws URL works fine, but going via my CNAME gets a 403. – JasonK Apr 29 '22 at 19:15
  • No. It's a private Route 53 zone entry. But other than being private, it's just a CNAME to the function URL. Edit: Now that I think about it, it's technically a CNAME created via CloudMap. Not sure if that makes a difference. – JasonK May 02 '22 at 20:32
  • 1
    I contacted AWS Support. The issue is that you have to include a Host header with the hostname from the function URL which really defeats the entire purpose of creating the CNAME in the first place. – JasonK May 04 '22 at 19:22
  • @JasonK Thank you for flagging this, I've now manually tested a few options and you're correct. I've updated my answer to reflect part of your findings and a solution that actually works (which I've manually tried) – Ermiya Eskandary May 04 '22 at 21:20
7

I tried the same once lambda url feature was out. Following are the steps:

  1. Create a cloudfront distribution with lambda url as https endpoint, add the domain name in the alternate domain name field.
  2. Create a A record for the domain in Route53 and point it to the cloudfront distribution.

Note: If in case you haven't added domain certificate in step1 then the cloudfront option in step2 wont show any value to select.

reena .m
  • 99
  • 2
  • do you know why invoking the lambda function URL via the browser seems to invoke the function, but invoking the same URL via postman does not invoke the function and gets an error saying the server cannot be reached? – Crashalot Apr 12 '22 at 21:00
  • 1
    @Crashalot Strange. Perhaps Cloudfront has some WAF/bot-check. A browser request will pass that (it has a user agent etc) but perhaps it thinks your Postman call is a bot and so rejecting it before it even hits the function – coder_uk Apr 18 '22 at 13:30
  • 1
    super helpful, thanks. one thing to note is when you create the A record, select the type "Alias" THEN you can specify "Cloudfront", and the cloudfront you created should be listed. (Normal A record requires an IP address) – jpw May 13 '22 at 09:12
7

If you use CloudFlare for your DNS services you can use Redirect Rules under the Rules tab. For simple projects the DNS management is free, and you get up to 10 free Redirect Rules.

More info here: https://developers.cloudflare.com/rules/url-forwarding/single-redirects/create-dashboard/

For my purposes in CloudFlare I set up a Static redirect to my Lambda URL provided in the AWS Console, with a 307 Status Code: enter image description here

Copy and Paste
  • 496
  • 6
  • 16