How can I change status code in viewer-response Cloudfront event?
up vote
1
down vote
favorite
I want to secure Cloudfront response using S3 object metadata and some role data in DB (or some remote service), specif for current user. I think I should use viewer-response event here, to have access to S3 data and user data together. I try to set status and statusDescription in response object, but it does not work for viewer-response event, works for all other events. Setting headers still works.
exports.handler = async (event) => {
const response = event.Records[0].cf.response;
const request = event.Records[0].cf.request;
const isUserAllowed = await allowedByTokenAndDb(request);
const isS3ObjectAllowed = response.headers['x-amz-meta-isSecure'][0].value === 'true';
if (!isUserAllowed || !isS3ObjectAllowed) {
response.status = '403'; // does not work
response.statusDescription = 'Nothing';
}
response.headers['X-Powered-By'] = [{ // works, header will be added
key: 'X-Powered-By',
value: 'lol',
}]
return response;
}
Is there any way to make viewer-response return another status? AWS documentation does not tell that it is possible or not. Maybe there is another solution?
amazon-cloudfront aws-lambda-edge
asked Nov 9 at 15:42
Aliaksei Shytkin
26226
add a comment |
up vote
1
down vote
favorite
I want to secure Cloudfront response using S3 object metadata and some role data in DB (or some remote service), specif for current user. I think I should use viewer-response event here, to have access to S3 data and user data together. I try to set status and statusDescription in response object, but it does not work for viewer-response event, works for all other events. Setting headers still works.
exports.handler = async (event) => {
const response = event.Records[0].cf.response;
const request = event.Records[0].cf.request;
const isUserAllowed = await allowedByTokenAndDb(request);
const isS3ObjectAllowed = response.headers['x-amz-meta-isSecure'][0].value === 'true';
if (!isUserAllowed || !isS3ObjectAllowed) {
response.status = '403'; // does not work
response.statusDescription = 'Nothing';
}
response.headers['X-Powered-By'] = [{ // works, header will be added
key: 'X-Powered-By',
value: 'lol',
}]
return response;
}
Is there any way to make viewer-response return another status? AWS documentation does not tell that it is possible or not. Maybe there is another solution?
amazon-cloudfront aws-lambda-edge
asked Nov 9 at 15:42
Aliaksei Shytkin
26226
add a comment |
up vote
1
down vote
favorite
up vote
1
down vote
favorite
I want to secure Cloudfront response using S3 object metadata and some role data in DB (or some remote service), specif for current user. I think I should use viewer-response event here, to have access to S3 data and user data together. I try to set status and statusDescription in response object, but it does not work for viewer-response event, works for all other events. Setting headers still works.
exports.handler = async (event) => {
const response = event.Records[0].cf.response;
const request = event.Records[0].cf.request;
const isUserAllowed = await allowedByTokenAndDb(request);
const isS3ObjectAllowed = response.headers['x-amz-meta-isSecure'][0].value === 'true';
if (!isUserAllowed || !isS3ObjectAllowed) {
response.status = '403'; // does not work
response.statusDescription = 'Nothing';
}
response.headers['X-Powered-By'] = [{ // works, header will be added
key: 'X-Powered-By',
value: 'lol',
}]
return response;
}
Is there any way to make viewer-response return another status? AWS documentation does not tell that it is possible or not. Maybe there is another solution?
amazon-cloudfront aws-lambda-edge
asked Nov 9 at 15:42
Aliaksei Shytkin
26226
I want to secure Cloudfront response using S3 object metadata and some role data in DB (or some remote service), specif for current user. I think I should use viewer-response event here, to have access to S3 data and user data together. I try to set status and statusDescription in response object, but it does not work for viewer-response event, works for all other events. Setting headers still works.
exports.handler = async (event) => {
const response = event.Records[0].cf.response;
const request = event.Records[0].cf.request;
const isUserAllowed = await allowedByTokenAndDb(request);
const isS3ObjectAllowed = response.headers['x-amz-meta-isSecure'][0].value === 'true';
if (!isUserAllowed || !isS3ObjectAllowed) {
response.status = '403'; // does not work
response.statusDescription = 'Nothing';
}
response.headers['X-Powered-By'] = [{ // works, header will be added
key: 'X-Powered-By',
value: 'lol',
}]
return response;
}
Is there any way to make viewer-response return another status? AWS documentation does not tell that it is possible or not. Maybe there is another solution?
amazon-cloudfront aws-lambda-edge
amazon-cloudfront aws-lambda-edge
asked Nov 9 at 15:42
Aliaksei Shytkin
26226
asked Nov 9 at 15:42
Aliaksei Shytkin
26226
asked Nov 9 at 15:42
Aliaksei Shytkin
26226
asked Nov 9 at 15:42
Aliaksei Shytkin
26226
asked Nov 9 at 15:42
Aliaksei Shytkin
26226
26226
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
up vote
1
down vote
This function demonstrates how you can update the response status to 200 and generate static body content to return to the viewer in the following scenario:
The function is triggered in an origin response
The response status from the origin server is an error status code (4xx or 5xx)
'use strict';
exports.handler = (event, context, callback) => {
const response = event.Records[0].cf.response;
/**
* This function updates the response status to 200 and generates static
* body content to return to the viewer in the following scenario:
* 1. The function is triggered in an origin response
* 2. The response status from the origin server is an error status code (4xx or 5xx)
*/
if (response.status >= 400 && response.status <= 599) {
response.status = 200;
response.statusDescription = 'OK';
response.body = 'Body generation example';
}
callback(null, response);
};
answered Nov 17 at 12:13
Alex Malikov
1516
It works fororigin-responsetrigger, but it does not work forviewer-response, as I mentioned. I want to run my code on each request, use Cloudfront cache and have access to cached object. Now the closest thing I can have is to set cache timeout to 0 and useorigin-responsetrigger.
– Aliaksei Shytkin
Nov 20 at 9:26
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
This function demonstrates how you can update the response status to 200 and generate static body content to return to the viewer in the following scenario:
The function is triggered in an origin response
The response status from the origin server is an error status code (4xx or 5xx)
'use strict';
exports.handler = (event, context, callback) => {
const response = event.Records[0].cf.response;
/**
* This function updates the response status to 200 and generates static
* body content to return to the viewer in the following scenario:
* 1. The function is triggered in an origin response
* 2. The response status from the origin server is an error status code (4xx or 5xx)
*/
if (response.status >= 400 && response.status <= 599) {
response.status = 200;
response.statusDescription = 'OK';
response.body = 'Body generation example';
}
callback(null, response);
};
answered Nov 17 at 12:13
Alex Malikov
1516
It works fororigin-responsetrigger, but it does not work forviewer-response, as I mentioned. I want to run my code on each request, use Cloudfront cache and have access to cached object. Now the closest thing I can have is to set cache timeout to 0 and useorigin-responsetrigger.
– Aliaksei Shytkin
Nov 20 at 9:26
add a comment |
up vote
1
down vote
This function demonstrates how you can update the response status to 200 and generate static body content to return to the viewer in the following scenario:
The function is triggered in an origin response
The response status from the origin server is an error status code (4xx or 5xx)
'use strict';
exports.handler = (event, context, callback) => {
const response = event.Records[0].cf.response;
/**
* This function updates the response status to 200 and generates static
* body content to return to the viewer in the following scenario:
* 1. The function is triggered in an origin response
* 2. The response status from the origin server is an error status code (4xx or 5xx)
*/
if (response.status >= 400 && response.status <= 599) {
response.status = 200;
response.statusDescription = 'OK';
response.body = 'Body generation example';
}
callback(null, response);
};
answered Nov 17 at 12:13
Alex Malikov
1516
It works fororigin-responsetrigger, but it does not work forviewer-response, as I mentioned. I want to run my code on each request, use Cloudfront cache and have access to cached object. Now the closest thing I can have is to set cache timeout to 0 and useorigin-responsetrigger.
– Aliaksei Shytkin
Nov 20 at 9:26
add a comment |
up vote
1
down vote
up vote
1
down vote
This function demonstrates how you can update the response status to 200 and generate static body content to return to the viewer in the following scenario:
The function is triggered in an origin response
The response status from the origin server is an error status code (4xx or 5xx)
'use strict';
exports.handler = (event, context, callback) => {
const response = event.Records[0].cf.response;
/**
* This function updates the response status to 200 and generates static
* body content to return to the viewer in the following scenario:
* 1. The function is triggered in an origin response
* 2. The response status from the origin server is an error status code (4xx or 5xx)
*/
if (response.status >= 400 && response.status <= 599) {
response.status = 200;
response.statusDescription = 'OK';
response.body = 'Body generation example';
}
callback(null, response);
};
answered Nov 17 at 12:13
Alex Malikov
1516
This function demonstrates how you can update the response status to 200 and generate static body content to return to the viewer in the following scenario:
The function is triggered in an origin response
The response status from the origin server is an error status code (4xx or 5xx)
'use strict';
exports.handler = (event, context, callback) => {
const response = event.Records[0].cf.response;
/**
* This function updates the response status to 200 and generates static
* body content to return to the viewer in the following scenario:
* 1. The function is triggered in an origin response
* 2. The response status from the origin server is an error status code (4xx or 5xx)
*/
if (response.status >= 400 && response.status <= 599) {
response.status = 200;
response.statusDescription = 'OK';
response.body = 'Body generation example';
}
callback(null, response);
};
answered Nov 17 at 12:13
Alex Malikov
1516
answered Nov 17 at 12:13
Alex Malikov
1516
answered Nov 17 at 12:13
Alex Malikov
1516
answered Nov 17 at 12:13
Alex Malikov
1516
1516
It works fororigin-responsetrigger, but it does not work forviewer-response, as I mentioned. I want to run my code on each request, use Cloudfront cache and have access to cached object. Now the closest thing I can have is to set cache timeout to 0 and useorigin-responsetrigger.
– Aliaksei Shytkin
Nov 20 at 9:26
add a comment |
It works fororigin-responsetrigger, but it does not work forviewer-response, as I mentioned. I want to run my code on each request, use Cloudfront cache and have access to cached object. Now the closest thing I can have is to set cache timeout to 0 and useorigin-responsetrigger.
– Aliaksei Shytkin
Nov 20 at 9:26
It works for
origin-response trigger, but it does not work for viewer-response, as I mentioned. I want to run my code on each request, use Cloudfront cache and have access to cached object. Now the closest thing I can have is to set cache timeout to 0 and use origin-response trigger.– Aliaksei Shytkin
Nov 20 at 9:26
It works for
origin-response trigger, but it does not work for viewer-response, as I mentioned. I want to run my code on each request, use Cloudfront cache and have access to cached object. Now the closest thing I can have is to set cache timeout to 0 and use origin-response trigger.– Aliaksei Shytkin
Nov 20 at 9:26
add a comment |
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53228881%2fhow-can-i-change-status-code-in-viewer-response-cloudfront-event%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
