How can I change status code in viewer-response Cloudfront event?











up vote
1
down vote

favorite












I want to secure Cloudfront response using S3 object metadata and some role data in DB (or some remote service), specif for current user. I think I should use viewer-response event here, to have access to S3 data and user data together. I try to set status and statusDescription in response object, but it does not work for viewer-response event, works for all other events. Setting headers still works. 



exports.handler = async (event) => {



  const response = event.Records[0].cf.response;

  const request = event.Records[0].cf.request;

  const isUserAllowed = await allowedByTokenAndDb(request);

  const isS3ObjectAllowed = response.headers['x-amz-meta-isSecure'][0].value === 'true';



  if (!isUserAllowed || !isS3ObjectAllowed) {

    response.status = '403'; // does not work

    response.statusDescription = 'Nothing';

  }



  response.headers['X-Powered-By'] = [{  // works, header will be added

    key: 'X-Powered-By',

    value: 'lol',

  }] 



  return response;

}


Is there any way to make viewer-response return another status? AWS documentation does not tell that it is possible or not. Maybe there is another solution?






amazon-cloudfront aws-lambda-edge







share|improve this question


























    up vote
    1
    down vote

    favorite












    I want to secure Cloudfront response using S3 object metadata and some role data in DB (or some remote service), specif for current user. I think I should use viewer-response event here, to have access to S3 data and user data together. I try to set status and statusDescription in response object, but it does not work for viewer-response event, works for all other events. Setting headers still works. 



    exports.handler = async (event) => {
    

    
  const response = event.Records[0].cf.response;
    
  const request = event.Records[0].cf.request;
    
  const isUserAllowed = await allowedByTokenAndDb(request);
    
  const isS3ObjectAllowed = response.headers['x-amz-meta-isSecure'][0].value === 'true';
    

    
  if (!isUserAllowed || !isS3ObjectAllowed) {
    
    response.status = '403'; // does not work
    
    response.statusDescription = 'Nothing';
    
  }
    

    
  response.headers['X-Powered-By'] = [{  // works, header will be added
    
    key: 'X-Powered-By',
    
    value: 'lol',
    
  }] 
    

    
  return response;
    
}


    Is there any way to make viewer-response return another status? AWS documentation does not tell that it is possible or not. Maybe there is another solution?






    amazon-cloudfront aws-lambda-edge







    share|improve this question
























      up vote
      1
      down vote

      favorite









      up vote
      1
      down vote

      favorite











      I want to secure Cloudfront response using S3 object metadata and some role data in DB (or some remote service), specif for current user. I think I should use viewer-response event here, to have access to S3 data and user data together. I try to set status and statusDescription in response object, but it does not work for viewer-response event, works for all other events. Setting headers still works. 



      exports.handler = async (event) => {
      

      
  const response = event.Records[0].cf.response;
      
  const request = event.Records[0].cf.request;
      
  const isUserAllowed = await allowedByTokenAndDb(request);
      
  const isS3ObjectAllowed = response.headers['x-amz-meta-isSecure'][0].value === 'true';
      

      
  if (!isUserAllowed || !isS3ObjectAllowed) {
      
    response.status = '403'; // does not work
      
    response.statusDescription = 'Nothing';
      
  }
      

      
  response.headers['X-Powered-By'] = [{  // works, header will be added
      
    key: 'X-Powered-By',
      
    value: 'lol',
      
  }] 
      

      
  return response;
      
}


      Is there any way to make viewer-response return another status? AWS documentation does not tell that it is possible or not. Maybe there is another solution?






      amazon-cloudfront aws-lambda-edge







      share|improve this question













      I want to secure Cloudfront response using S3 object metadata and some role data in DB (or some remote service), specif for current user. I think I should use viewer-response event here, to have access to S3 data and user data together. I try to set status and statusDescription in response object, but it does not work for viewer-response event, works for all other events. Setting headers still works. 



      exports.handler = async (event) => {
      

      
  const response = event.Records[0].cf.response;
      
  const request = event.Records[0].cf.request;
      
  const isUserAllowed = await allowedByTokenAndDb(request);
      
  const isS3ObjectAllowed = response.headers['x-amz-meta-isSecure'][0].value === 'true';
      

      
  if (!isUserAllowed || !isS3ObjectAllowed) {
      
    response.status = '403'; // does not work
      
    response.statusDescription = 'Nothing';
      
  }
      

      
  response.headers['X-Powered-By'] = [{  // works, header will be added
      
    key: 'X-Powered-By',
      
    value: 'lol',
      
  }] 
      

      
  return response;
      
}


      Is there any way to make viewer-response return another status? AWS documentation does not tell that it is possible or not. Maybe there is another solution?






      amazon-cloudfront aws-lambda-edge




      amazon-cloudfront aws-lambda-edge






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Nov 9 at 15:42









      Aliaksei Shytkin

      26226




      26226
























          1 Answer
          1






          active

          oldest

          votes

















          up vote
          1
          down vote













          This function demonstrates how you can update the response status to 200 and generate static body content to return to the viewer in the following scenario:


          The function is triggered in an origin response



          The response status from the origin server is an error status code (4xx or 5xx)





           'use strict';
          

          
    exports.handler = (event, context, callback) => {
          
        const response = event.Records[0].cf.response;
          

          
        /**
          
         * This function updates the response status to 200 and generates static
          
         * body content to return to the viewer in the following scenario:
          
         * 1. The function is triggered in an origin response
          
         * 2. The response status from the origin server is an error status code (4xx or 5xx)
          
         */
          

          
        if (response.status >= 400 && response.status <= 599) {
          
            response.status = 200;
          
            response.statusDescription = 'OK';
          
            response.body = 'Body generation example';
          
        }
          

          
        callback(null, response);
          
    };





          share|improve this answer





















          • It works for origin-response trigger, but it does not work for viewer-response, as I mentioned. I want to run my code on each request, use Cloudfront cache and have access to cached object. Now the closest thing I can have is to set cache timeout to 0 and use origin-response trigger.
            – Aliaksei Shytkin
            Nov 20 at 9:26











          Your Answer






          StackExchange.ifUsing("editor", function () {
          StackExchange.using("externalEditor", function () {
          StackExchange.using("snippets", function () {
          StackExchange.snippets.init();
          });
          });
          }, "code-snippets");

          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "1"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














           

          draft saved


          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53228881%2fhow-can-i-change-status-code-in-viewer-response-cloudfront-event%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes








          up vote
          1
          down vote













          This function demonstrates how you can update the response status to 200 and generate static body content to return to the viewer in the following scenario:


          The function is triggered in an origin response



          The response status from the origin server is an error status code (4xx or 5xx)





           'use strict';
          

          
    exports.handler = (event, context, callback) => {
          
        const response = event.Records[0].cf.response;
          

          
        /**
          
         * This function updates the response status to 200 and generates static
          
         * body content to return to the viewer in the following scenario:
          
         * 1. The function is triggered in an origin response
          
         * 2. The response status from the origin server is an error status code (4xx or 5xx)
          
         */
          

          
        if (response.status >= 400 && response.status <= 599) {
          
            response.status = 200;
          
            response.statusDescription = 'OK';
          
            response.body = 'Body generation example';
          
        }
          

          
        callback(null, response);
          
    };





          share|improve this answer





















          • It works for origin-response trigger, but it does not work for viewer-response, as I mentioned. I want to run my code on each request, use Cloudfront cache and have access to cached object. Now the closest thing I can have is to set cache timeout to 0 and use origin-response trigger.
            – Aliaksei Shytkin
            Nov 20 at 9:26















          up vote
          1
          down vote













          This function demonstrates how you can update the response status to 200 and generate static body content to return to the viewer in the following scenario:


          The function is triggered in an origin response



          The response status from the origin server is an error status code (4xx or 5xx)





           'use strict';
          

          
    exports.handler = (event, context, callback) => {
          
        const response = event.Records[0].cf.response;
          

          
        /**
          
         * This function updates the response status to 200 and generates static
          
         * body content to return to the viewer in the following scenario:
          
         * 1. The function is triggered in an origin response
          
         * 2. The response status from the origin server is an error status code (4xx or 5xx)
          
         */
          

          
        if (response.status >= 400 && response.status <= 599) {
          
            response.status = 200;
          
            response.statusDescription = 'OK';
          
            response.body = 'Body generation example';
          
        }
          

          
        callback(null, response);
          
    };





          share|improve this answer





















          • It works for origin-response trigger, but it does not work for viewer-response, as I mentioned. I want to run my code on each request, use Cloudfront cache and have access to cached object. Now the closest thing I can have is to set cache timeout to 0 and use origin-response trigger.
            – Aliaksei Shytkin
            Nov 20 at 9:26













          up vote
          1
          down vote










          up vote
          1
          down vote









          This function demonstrates how you can update the response status to 200 and generate static body content to return to the viewer in the following scenario:


          The function is triggered in an origin response



          The response status from the origin server is an error status code (4xx or 5xx)





           'use strict';
          

          
    exports.handler = (event, context, callback) => {
          
        const response = event.Records[0].cf.response;
          

          
        /**
          
         * This function updates the response status to 200 and generates static
          
         * body content to return to the viewer in the following scenario:
          
         * 1. The function is triggered in an origin response
          
         * 2. The response status from the origin server is an error status code (4xx or 5xx)
          
         */
          

          
        if (response.status >= 400 && response.status <= 599) {
          
            response.status = 200;
          
            response.statusDescription = 'OK';
          
            response.body = 'Body generation example';
          
        }
          

          
        callback(null, response);
          
    };





          share|improve this answer












          This function demonstrates how you can update the response status to 200 and generate static body content to return to the viewer in the following scenario:


          The function is triggered in an origin response



          The response status from the origin server is an error status code (4xx or 5xx)





           'use strict';
          

          
    exports.handler = (event, context, callback) => {
          
        const response = event.Records[0].cf.response;
          

          
        /**
          
         * This function updates the response status to 200 and generates static
          
         * body content to return to the viewer in the following scenario:
          
         * 1. The function is triggered in an origin response
          
         * 2. The response status from the origin server is an error status code (4xx or 5xx)
          
         */
          

          
        if (response.status >= 400 && response.status <= 599) {
          
            response.status = 200;
          
            response.statusDescription = 'OK';
          
            response.body = 'Body generation example';
          
        }
          

          
        callback(null, response);
          
    };






          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Nov 17 at 12:13









          Alex Malikov

          1516




          1516












          • It works for origin-response trigger, but it does not work for viewer-response, as I mentioned. I want to run my code on each request, use Cloudfront cache and have access to cached object. Now the closest thing I can have is to set cache timeout to 0 and use origin-response trigger.
            – Aliaksei Shytkin
            Nov 20 at 9:26


















          • It works for origin-response trigger, but it does not work for viewer-response, as I mentioned. I want to run my code on each request, use Cloudfront cache and have access to cached object. Now the closest thing I can have is to set cache timeout to 0 and use origin-response trigger.
            – Aliaksei Shytkin
            Nov 20 at 9:26
















          It works for origin-response trigger, but it does not work for viewer-response, as I mentioned. I want to run my code on each request, use Cloudfront cache and have access to cached object. Now the closest thing I can have is to set cache timeout to 0 and use origin-response trigger.
          – Aliaksei Shytkin
          Nov 20 at 9:26




          It works for origin-response trigger, but it does not work for viewer-response, as I mentioned. I want to run my code on each request, use Cloudfront cache and have access to cached object. Now the closest thing I can have is to set cache timeout to 0 and use origin-response trigger.
          – Aliaksei Shytkin
          Nov 20 at 9:26


















           

          draft saved


          draft discarded



















































           


          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53228881%2fhow-can-i-change-status-code-in-viewer-response-cloudfront-event%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          Popular posts from this blog

          Guess what letter conforming each word

          Image
          6 $begingroup$ This is an entry in the Fortnightly Topic Challenge #41: Short and Sweet. 1 letter only could be mean anything . With an additional letter in front , could be used as medicine component and something you definitely learn or at least heard once. Add another letter in front , you would possibly hear that many times . Add an additional letter in front , you would found an independent country . With an additional letter, in the end , you would found something related to apple . Add another letter in the end , you would found something bad . Hint: Each letter is unique . word knowledge letters chemistry share | improve this question ...
          Read more

          Run scheduled task as local user group (not BUILTIN)

          Image
          0 I am trying to run a scheduled task with User Group (not a single user). This is working fine when I in the field "when running a task, use the following user account:" insert BUILTIN User Group (for example: Administrators or Users). But when I try it with the created Local User Group (example: TestGroup) it is not working. The Users in the TestGroup are the same as in the Administrators group. What could be the problem? Are there some restrictions to the Created User Group compared to BUILTINUsers? scheduled-tasks taskscheduler windowstaskschedule share | improve this question asked Nov 15 '18 at 15:36 Far...
          Read more

          Port of Spain

          Image
          For ports in the country of Spain, see List of ports in Spain. City in City of Port of Spain, Trinidad and Tobago Port of Spain City City of Port of Spain Top to bottom (left to right): Skyline of Port of Spain from Gulf of Paria; National Academy for the Performing Arts, Independence Square, Eric Williams Plaza; MovieTowne, Port of Port of Spain Motto(s):  "We Gather Strength As We Go Along" Port of Spain Coordinates: 10°40′N 61°31′W  /  10.667°N 61.517°W  / 10.667; -61.517 Coordinates: 10°40′N 61°31′W  /  10.667°N 61.517°W  / 10.667; -61.517 Country   Trinidad and Tobago Jurisdiction City of Port of Spain Settled 1560 Incorporated (town) 1853 Incorporated (city) 1914 Government  • Mayor Joel Martinez  • Governing body City Corporation Area [1]  • City 12 km 2 (5 sq mi) Elevation [2] 66 m (217 ft) Population (2011) [1]  • City 37,074  • Rank 3rd  • Density 3,090/km 2 (8,000/sq mi)...
          Read more