Skip to content

LambdaEdge

This article explains how to use CloudFront and Lambda@Edge to run custom code at AWS edge locations for improved content delivery.

Amazon CloudFront delivers content from the nearest AWS edge location, reducing latency and improving performance. By integrating CloudFront Functions and Lambda\@Edge, you can inject custom logic into the request/response pipeline—right at the edge.

The image illustrates the flow of data through Amazon CloudFront, showing how CloudFront Functions and Lambda@Edge interact with various AWS services and edge locations to deliver content to a user.

Supported Lifecycle Events

Edge functions trigger at specific points in CloudFront’s request/response cycle. Below is a quick reference:

Function Type Triggers
CloudFront Functions viewer-request, viewer-response
Lambda\@Edge viewer-request, origin-request, origin-response, viewer-response

The image is a comparison chart showing when functions run for CloudFront and Lambda@Edge, detailing specific request and response events.

Detailed Request Flow

  1. Viewer Request\ At the viewer edge, both CloudFront Functions and Lambda\@Edge can inspect or modify incoming HTTP requests.

  2. Cache Hit\ If the requested object is in cache, CloudFront returns it immediately. Use the viewer-response trigger to adjust headers or body content before it reaches the user.

  3. Cache Miss\ When an object isn't cached, CloudFront makes an origin request:

  4. Lambda\@Edge can run custom code during this origin request.

  5. After processing, the request is forwarded to your origin (e.g., Amazon S3, HTTP server).

  6. Origin Response\ On receiving data from the origin, use the origin-response Lambda\@Edge trigger to transform or filter the response before caching.

  7. Viewer Response\ Finally, before dispatching to the viewer, both function types can adjust the response payload or headers.

The image is a diagram illustrating a CloudFront distribution with Lambda functions triggering on viewer requests and responses, showing the interaction with CloudFront cache.

The image is a diagram illustrating the flow of a cache miss in a CloudFront distribution, showing interactions between viewers, CloudFront cache, Lambda triggers, and an S3 bucket. It includes viewer request and response triggers, as well as origin request and response triggers.

Common Use Cases

CloudFront Functions

  • Cache Key Normalization\ Transform request attributes (like query strings or headers) to optimize cache keys.
  • Header Manipulation\ Add, modify, or strip HTTP headers in requests or responses.
  • URL Redirects / Rewrites\ Implement redirects or rewrite URLs at the edge without touching your origin.
  • Request Authorization\ Perform lightweight token validation (e.g., JWT) by inspecting authorization headers.

The image lists four use cases for CloudFront Functions: cache key normalization, header manipulation, URL redirects or rewrites, and request authorization.

Lambda\@Edge

  • Complex or Long-Running Logic\ Execute heavier workloads requiring more CPU, memory, or execution time.
  • Third-Party Libraries\ Package external dependencies with your function for richer functionality.
  • External Network Access\ Connect to APIs, databases, or other services outside the AWS network.
  • File System Operations\ Read/write temporary files in /tmp or process request bodies with custom logic.

Feature Comparison

Use CloudFront Functions when you need sub-millisecond execution with minimal dependencies. Choose Lambda\@Edge for advanced workloads or when you require external network and file system access.

The image is a comparison table between CloudFront Functions and Lambda@Edge, detailing aspects like programming languages, event sources, scale, function duration, and pricing.

Choosing the Right Option

Criteria CloudFront Functions Lambda\@Edge
Execution time \< 1 ms Up to 5 minutes
Supported languages JavaScript (ECMAScript 6) Node.js, Python, etc.
Package size & libraries Must be very small, no external packages Supports larger bundles & dependencies
Network & filesystem No Yes

Deployments with Lambda\@Edge are replicated across all edge locations. Updates can take several minutes to propagate globally.

Summary

Both CloudFront Functions and Lambda\@Edge extend your CDN with programmable logic at AWS edge locations.

  • Choose CloudFront Functions for lightweight, high-scale tasks such as header manipulation, redirects, or cache key normalization.
  • Opt for Lambda\@Edge when you need longer execution, external network access, or advanced libraries.

The image is a summary of CloudFront and Lambda@Edge functions, highlighting their use cases, operational details, and suitability for different tasks. It includes six key points about running code at edge locations, use cases, and function capabilities.

References