I had a CloudFront distribution using the legacy cache behavior and AWS Lambda@Edge to change the origin path to serve multiple websites using the same bucket.

This was my Lambda@Edge function that was working with the legacy cache behavior:

    'use strict';
    // ${Environment} is filled in by the CloudFormation template at deploy time
    const env = '${Environment}';
    const origin_hostname = 'yourwebsite-${Environment}.s3.amazonaws.com';

    exports.handler = (event, context, callback) => {
        const request = event.Records[0].cf.request;
        const headers = request.headers;
        // Host as seen by the function at the origin-request stage
        const host_header = headers.host[0].value;
        let remove_suffix = '.yourwebsite.com';

        if (env === 'dev') {
            remove_suffix = '-dev.yourwebsite.com';
        }

        // map <site><suffix> to the /<site> prefix in the shared bucket
        if (host_header.endsWith(remove_suffix)) {
            request.uri = '/' + host_header.substring(0, host_header.length - remove_suffix.length) + request.uri;
        }

        // fix the host header so that S3 understands the request
        headers.host[0].value = origin_hostname;

        // return control to CloudFront with the modified request
        return callback(null, request);
    };

This was my CloudFormation Lambda function association and cache policies:

    LambdaFunctionAssociations:
      - EventType: origin-request
        LambdaFunctionARN: !Ref HotSitesEdgeFunctionVersion
    CachePolicyId: "658327ea-f89d-4fab-a63d-7e88639e58f6"
    ResponseHeadersPolicyId: "67f7725c-6f97-4210-82d7-5512b31e9d03"

Michel Borges

1 Answer

After some hours of working to understand it, I realized that the host value was ..s3.amazonaws.com and not my subdomain. :(

The solution was:

Create a new OriginRequestPolicy and attach the id to OriginRequestPolicyId in your distribution.

    HotSiteCustomOriginRequestPolicy:
      Type: AWS::CloudFront::OriginRequestPolicy
      Properties:
        OriginRequestPolicyConfig:
          Comment: Custom policy to redirect Host header
          CookiesConfig:
            CookieBehavior: none
          HeadersConfig:
            HeaderBehavior: whitelist
            Headers:
              - Host
              - Origin
          Name: HotSiteCustomOriginRequestPolicy
          QueryStringsConfig:
            QueryStringBehavior: none

And in your distribution:

    OriginRequestPolicyId: !Ref HotSiteCustomOriginRequestPolicy

Documentation for all managed policies, if you need it: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html

Basically, you have to forward the CloudFront Host and Origin to your Lambda@Edge.

I hope this can help you guys.

Michel Borges
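A hardened variant of the handler from the question, as an added example that is not part of the original posts: once the origin request policy forwards the viewer Host, the function validates it before using it as an S3 key prefix, and returns a 404 instead of falling through to the bucket root when the Host is missing or malformed. The dev hostnames and the helpers `siteFromHost`, `makeEvent` and `run` are assumptions made for illustration.

```javascript
'use strict';
// Added example: hostnames and helper names are assumptions, not the poster's code.
const ORIGIN_HOSTNAME = 'yourwebsite-dev.s3.amazonaws.com'; // S3 origin for the dev environment
const SITE_SUFFIX = '-dev.yourwebsite.com';                 // viewer host suffix for dev
const LABEL_RE = /^[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$/;  // one DNS label: no dots, no slashes

// Returns the S3 key prefix for a viewer Host value, or null if it is not a known site host.
function siteFromHost(host) {
  const h = String(host || '').toLowerCase();
  if (!h.endsWith(SITE_SUFFIX)) return null;
  const label = h.slice(0, h.length - SITE_SUFFIX.length);
  return LABEL_RE.test(label) ? label : null;
}

function handler(event, context, callback) {
  const request = event.Records[0].cf.request;
  const site = siteFromHost(request.headers.host[0].value);
  if (site === null) {
    // Host was not forwarded (it is the S3 hostname) or is not a valid site name:
    // answer from the edge rather than serving from the bucket root.
    return callback(null, { status: '404', statusDescription: 'Not Found', body: 'Unknown site' });
  }
  request.uri = '/' + site + request.uri;
  request.headers.host[0].value = ORIGIN_HOSTNAME; // S3 needs its own hostname
  return callback(null, request);
}
if (typeof exports !== 'undefined') exports.handler = handler;

// Constructed origin-request event carrying only the fields the handler reads.
function makeEvent(host, uri) {
  return { Records: [{ cf: { request: { uri, headers: { host: [{ key: 'Host', value: host }] } } } }] };
}

// Runs the handler and returns whatever it passes to callback().
function run(host, uri) {
  let out;
  handler(makeEvent(host, uri), {}, (err, res) => { out = res; });
  return out;
}

console.log(run('blog-dev.yourwebsite.com', '/index.html').uri);            // viewer Host forwarded
console.log(run('yourwebsite-dev.s3.amazonaws.com', '/index.html').status); // Host not forwarded
```

The second call reproduces the situation described in the answer: without the policy, the function sees the S3 hostname and no site prefix can be derived from it.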