Networking & Content Delivery
Category: Lambda@Edge
Signed cookie-based authentication with Amazon CloudFront and AWS Lambda@Edge: Part 2 – Authorization
In this two-part blog series, you will learn how to use email addresses and domain names for user authentication. With this method, you restrict credentials-free user access to a static website. In this second part of the blog series, you will learn how to implement the authorization mechanism. In the previous blog post, you learnt […]
Signed cookie-based authentication with Amazon CloudFront and AWS Lambda@Edge: Part 1 -Authentication
In this two-part blog series, you will learn how to use email addresses and domain names for user authentication. With this method, you restrict credentials-free user access to a static website. In this first blog, you will learn how to implement the authentication mechanism. In the second blog post, you will learn how to implement […]
CloudFront Functions – A New Security Paradigm for CDN Edge Computing
CloudFront Functions is a new serverless scripting capability that allows you to run JavaScript code at more than 225 Amazon CloudFront edge locations to perform lightweight HTTP transformations and customize content delivery. This blog details our security journey and the controls we put in place to make CloudFront Functions raise the security bar when it comes to edge computing capabilities.
CloudFront Migration Series (Part 3): OLX Europe, The DevOps Way
Business and scale at OLX Group At OLX Group, we operate the fastest-growing network of trading platforms globally. Serving 300 million people every month in 30+ countries around the world, OLX Group helps buy and sell cars, find housing, get jobs, buy and sell household goods, and much more. With more than 20 well-loved local […]
On-the-fly video conversion with Amazon CloudFront, Lambda@Edge, and AWS Elemental MediaConvert
Introduction: Whether your media library includes long form featured movies or short form “how-to” clips, the popularity of each video asset is typically set by your viewers preference. In order to deliver your online video content, AWS offers multiple solutions that you can use to automate your media supply chain, and streamline your content distribution. […]
Customize 403 error pages from Amazon CloudFront Origin with Lambda@Edge
AWS Web Application Firewall (AWS WAF) is commonly used to protect HTTP and HTTPS requests forwarded to Amazon CloudFront. When you are using this approach, default 403 error pages do not distinguish whether the error came from AWS WAF or the CloudFront Origin. As an AWS WAF and Amazon CloudFront user, you may want to […]
CloudFront Migration Series (Part 2): Audible Plus, The Turning Point
Introduction In 2020, users have come to expect a flawless streaming media experience, whether it’s video, music, or audiobooks. Playback must start quickly and be resilient to changes in network availability and bandwidth. To deliver all of this content, you must have a performant, highly available and reliable Content Delivery Network (CDN) to reach customers […]
Securing CloudFront Distributions using OpenID Connect and AWS Secrets Manager
Amazon CloudFront is a CDN that is used to securely deliver content, applications, and APIs to globally dispersed customers with low-latency and high transfer speeds. Amazon CloudFront is ideal for serving-up websites, caching content, and delivering static files to users across the globe. This blog post will allow organizations who host private web apps on Amazon […]
Securing and Accessing Secrets from Lambda@Edge using AWS Secrets Manager
Lambda@Edge is a feature of Amazon CloudFront that lets you run code closer to users of your application, across on the globe, improving performance and reducing latency. This feature is useful for enriching HTTP requests with filters, security headers, and dynamically routing a request to a specific origin. When working with Lambda@Edge, there are situations […]
Serving SSE-KMS encrypted content from S3 using CloudFront
Update: We’ve updated this blog and the AWS Lambda function code to work with both “custom” and “s3” style origins in Amazon CloudFront. Previously, only “custom” types were covered. In August 2022, CloudFront launched OAC (Origin Access Control), providing native support for customers to use CloudFront to access S3 bucket encrypted with SSE-KMS. Depending on […]