AWS Lambda@Edge Smart Route Across Origins - Step by Step Tutorial

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hello serverless people enrico here in this video i will walk you through a particular example of lambda at edge if you haven't seen my previous video about lambda at edge i will leave the link in the description and in the previous video i'll show a quick introduction pro and course of using lambda at edge if you want to see other similar content make sure to subscribe to the channel i publish a new video every thursday right let's get cracking i will use number edge with node.js to programmatically define the origin from where my call from distribution will serve the content what we want to do with this example is to change the origin based on a cookie value which is gonna be forwarded from the client from uh to crowdfunding from cloudfront to the lambda edge so let's first go through the full app flow and then i'm gonna explain you what we're to build so your client is visitingyourwebsite.com and when you're requesting your website your website is deployed on cloudfront what can happen is either the object hit the cache or the objects miss the cache when they hit the cache cloudfront is going to reply back immediately with the cached object so cloudfront is not asking to the origin to get the objects and then get sending back to the client if on the other hand cloudphone will forward the request to the origin since we have deployed a lambda edge in this cloud from distribution what will happen based on the trigger that we have set i'm going to show you how in a minute but what happens basically is that every time there is an origin request which means again the object was not found in the cloud for cache so what will happen is that cloudfront is going to ask the object to the origin we will trigger a lambda function the lambda function will be triggered at edge which means from a cloudfront edge location which is the closest one to the user what will happen here in this lambda function is that based on a value or that we're going to set on the client side we're going to expect the cookies and if there is an origin on the in the cookie we know from which of the two buckets we want to get the content if we don't find the cookie in the client side we're gonna we're gonna send back a random origin between these two buckets so to summarize very quickly what is gonna happen is that if the objects are not cache the lambda function will check if there is a cookie value if there is it's gonna send the request to the configure region based on the value of the cookie if the cookie is not set it's gonna get the object from uh random region and then the origin is gonna send back the object to cloudfront now that we have all the upflow in mind let's move to the aws console and create those objects so let's start from the s3 buckets we need to create two buckets i'm going to show you how to create one and then you can do the other one by yourself so you call a bucket like my bucket edge example one you decide in which region you want to deploy the bucket and then you put block all public access and you just hit create same thing for the second bucket once we have created the s3 buckets we go on the cloudfront distribution so we hit create distribution so for the distribution we need to set an origin in this case we're going to choose the first bucket this is going to be our default packet and in my case it's called enrico region h1 then origin path you can leave it blank you don't need you can yeah we're going to set actually um origin access identity so we want the bucket to be completely private so we cloud phone is gonna call the bucket so the objects can only be accessed by a crowdfund distribution and they're not accessible through the packet so we're gonna set yes so use origin access identity and we're gonna tell aws to create a new one for us and then we're gonna we're gonna also tell to aws to update our pocket policy otherwise we will have to do it manually okay next step we need to add custom header can be can stay default compress object yes here i prefer to set redirect http to https everything else we can restrict viewer access here this one can be can set no and this is the step we need to configure so in this case since on our lambda edge function we are actually inspecting the cookies from the client we need to tell cloudfront to basically forward the cookies from the from cloudfront to the lambda edge function so what we're gonna do is is to select legacy settings and here on the cookies menu we want to include specific cookies and we're gonna add the origin cookie then we're gonna set later on the client all right that's done we don't need any other cookie so just leave a origin and then here is saying do you want to associate the lambda edge function we're going to do that later from the lambda at edge menu here is like we can leave everything default and then you can press create distribution it will take like from 10 to 15 minutes so i'll pause the video for a second so before we move to the creation of the lambda function i want to explain the code that we're going to put on the lambda function so every time the lambda function will be triggered by the clone for distribution this is the code that is going to be run so we have to find the origin a and region b which are the name of the packets that we have configured for the websites so it is enrique origin h1 and rico region adds two what i'm gonna do then is i will inspect the headers object if there is a cookie value i'm gonna loop into the cookie value and check if the cookie value has like origin a or region b based on the uh cookie that i find i will set the domain name of the origin s3 domain name to the origin a or origin b so based on the value of the cookie basically i am modifying the s3 region where cloudfone is going to get the objects if on the other hand i don't find any cookie in the request i would just send back using a random function either origin a so bucket a or bucket b and then i'm going to return the request to the cloud from distribution so let's copy this code and create a new lambda function so you go on the lambda function menu you click create function and we're gonna call the function my patch function origin runtime is the right like node 14 then we're gonna um oh make all always make sure that when you're creating like a lambda edge function to be on the north virginia region otherwise you will not be able to add crowdfund as a trigger and then we need to create a role for the lambda function in this case and we'll look into uh adobe responsive temples and i'm gonna check if there is something with the for the edge function yes there is so basically i'm gonna edge permissions because lambda edge functions need additional permission in order to be triggered by cloudfront so i'm going to just add this one and i want to call it like my edge function role and then i'm going to hit create function all right my function has been created let's just paste the code and see if there are some errors no everything seems fine now i'm gonna deploy the function and also another extra step we need to do is to actually publish a new version because lambda edge need the version in order to be triggered by call front it's not possible to use that like the latest tag so i'm going to create a version v1 okay now that i have created the lambda function with the version the next step is to add the cloudform trigger so go on the cloudfront menu remember the distribution id you will need it in this case the one with 4nd as the latest character so i'm going to add trigger here select trigger i'm going to choose cloudfront then here i should be able to find my distribution it's not this one is 4nd cache behavior it's going to be star and in this case we need to choose the cloudfront event as we've seen from the architecture let's go back for a second we want to trigger the lambda function every time there is an origin request we want to trigger the function when there is the uh when the object basically is being cached by cloudfront so here we're going to select origin request uh if we wanted to trigger the function every time there is a request to crowdfund we would have chosen viewer request which is this part of the graph so when the client requests the object to cloud to cloudfront is called viewer request so we choose origin request as we said and then we're gonna acknowledge that um cloudform is gonna deploy the function in all the edge location of aws so i'm going to click add so once i deploy the function actually found something missing we need to specify also on the origin the region of the s3 bucket so i added on the code origin s3 region us2 or s3 region a piece of s2 depending on the origin that we're gonna choose same thing when we are choosing randomly and then i'll send back the request another thing we need to notice is that since lambda edge are deployed into the edge location of cloudfront when you use cloud watch you have to go to the region where the function has been triggered in my case in some base in london the region is eus2 so if you want to check the logs you have to navigate to the cred region otherwise you won't be able to find the logs for the lambda edge function all right now it's time to test the code actually so let's go on this is the cloudfront url so if i load that i don't set any cookie i'm just getting random results so in this case i'm getting the website from bucket number one if i set a cookie for example let's set and i'm gonna set the cookie directory from the console because i want to install any chrome extension to do it so i'm going to use like this function document cookie and i'm going to set as the region the packet b so let's check i i've added the cookie let's go on the console and as you can see the value is b so now if i reload the page i should get the value from the packet shoe and it's going to show website 2 let's see yes as you see i don't know if you if you have noted but it took a bit more time because actually the bucket is in sydney at the moment and i'm based in london so if i set again the value to a i should get website one and this way yeah it's way much faster i set again on b you should see the loading for a bit yeah well now you don't see the loading actually because this is a second request so the object has been cached and if we go on the um cloud cloud watch logs i i have console log here the request so if we inspect like a random one and we're gonna see here like uh origin a cookie found which is the console load that i put on the lambda function and here is the origin object that we set we are sending back to the uh cloudfront distribution so it's like origin domain name the first bucket at region eu west the first ones are like the random one so we should we should be able to see like random origin i sometimes can be yes southeast sometime can be uh the other one so like us two let's see if i can find one eos so this is like the random one when no cookie has been set a common error you can face is when you didn't add the permission for crowdfront to access the second bucket because when we have created the crowdfund distribution we set the oai so the original authorized identity only on the first packet we because we set the first packet as the region but we didn't set the permission on the second bucket so you will get an error like this one that i'm showing on the video in order to fix this error you have to go on the second bucket you go on the permission tab here and you add the packet policy with the allow effect for the crowdfunder region so you can copy this uh packet policy from the first packet you have created once you you have added the policy cloudfront is actually able to access s3 and you can send back the object to the user all right this is all from this use case so we have seen how with lambda edge we can modify the origin turn the object to the cloud from distribution i want to clarify this is a sample has been taken from an aws block which i'm gonna i'm gonna put in the description so thanks to the ds team to put this awesome blog post i wanted to explain in the video let me know what you think in the comments thanks everyone for watching
Info
Channel: Enrico Portolan
Views: 69
Rating: undefined out of 5
Keywords: aws, serverless, cloud
Id: 8NcoGnCTuMU
Channel Id: undefined
Length: 12min 32sec (752 seconds)
Published: Wed Oct 27 2021
Related Videos
AWS Developer Workshop: How to Build Multi-Region Applications in the Cloud
Amazon Web Services
5.4K
WebAssembly - The shift to the edge
adaptTo Conference
109
Easy SFTP Setup with AWS Transfer Family - Step by Step Tutorial
Enrico Portolan
749
Building a Multi-Region Web Application on AWS
CloudSkills
2.7K
AWS Tutorial For Beginners | AWS Certified Solutions Architect | AWS Training | Edureka
edureka!
2.1M
Serving Multiple Websites with AWS CloudFront & Lambda at Edge
Enlear Academy
7.6K
AWS S3 - Bucket, Objects, Versioning, Bucket Policy, LifeCycle, Storage Classes (DEMO)
KnowledgeIndia AWS Azure Tutorials
125K
AWS Networking Fundamentals
Amazon Web Services
252K
How to Restrict Access to Amazon S3 Content using Origin Access Identity | AWS CloudFront
Pythoholic
8.6K
Special Lecture: F-22 Flight Controls
MIT OpenCourseWare
2.2M
5 Methods to Make Your Lambda Function Run Faster
Enrico Portolan
7
Solid State Batteries - Autumn 2021 mass production in Japan. Is it FINALLY happening?
Just Have a Think
1.3M
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.