Beta

AWS Certified Developer - Associate

Serverless

LambdaEdge Cloudfront Functions

In this article, we explore two powerful AWS tools—Lambda@Edge and CloudFront Functions—that allow you to execute your code at edge locations instead of central regions. By leveraging edge computing, you can significantly reduce latency and improve the responsiveness of your applications.

CloudFront uses edge locations to cache and serve static assets, ensuring users receive content from the nearest geographical location. With CloudFront Functions and Lambda@Edge, you can extend this functionality to execute custom logic directly at these edge nodes for tasks such as request or response transformations.

The image is a diagram illustrating the flow of data through Amazon CloudFront, showing connections from various AWS services to edge locations and then to a user.

Execution Points for CloudFront and Lambda@Edge Functions

Both CloudFront Functions and Lambda@Edge functions allow code execution at different points in the request/response lifecycle, though they offer a varying number of triggers:

  • CloudFront Functions run:

    • When an edge location receives a viewer request (viewer request trigger)
    • When CloudFront sends the response back to the viewer (viewer response trigger)

  • Lambda@Edge functions provide additional triggers:

    • On viewer request reception
    • Just before CloudFront forwards a request to the origin (origin request trigger, useful during cache miss scenarios)
    • When CloudFront receives a response from the origin (origin response trigger)
    • On sending the response back to the viewer

A comparison of these event triggers is illustrated below:

The image is a comparison chart showing when functions run for CloudFront and Lambda@Edge, detailing specific request and response events.

How It Works in Practice

When a user makes a request, both CloudFront Functions and Lambda@Edge can intercept it. In cases of a cache hit, CloudFront can immediately serve the cached response, simultaneously executing additional logic if necessary. For cache misses, Lambda@Edge can intercept the request before it is sent to the origin (for example, an S3 bucket) and modify the request or process the response before it is delivered back to the viewer.

This flow is illustrated in the diagram below:

The image is a diagram illustrating a CloudFront distribution with Lambda functions triggering on viewer requests and responses, highlighting a cache hit process. It shows the flow of data between users, CloudFront, and Lambda functions.

Another diagram below shows the complete lifecycle when using an S3 origin:

The image is a diagram illustrating the flow of a CloudFront distribution with Lambda triggers and an S3 bucket as the origin, showing viewer request and response triggers, origin request and response triggers, and CloudFront cache.

Use Cases and Differences

CloudFront Functions

CloudFront Functions are designed for lightweight and short-running tasks. Their primary use cases include:

  • Cache Key Normalization: Adjust HTTP request attributes to optimize cache key creation.
  • Header Manipulation: Insert, modify, or remove HTTP headers within requests or responses.
  • URL Redirects and Rewrites: Handle URL redirection or rewriting seamlessly.
  • Request Authorization: Validate tokens (e.g., JWT) by checking authorization headers or related metadata.

The image lists four use cases for CloudFront Functions: cache key normalization, header manipulation, URL redirects or rewrites, and request authorization.

Note

CloudFront Functions are ideal when performance is critical and the tasks are simple enough to execute in under a millisecond.

Lambda@Edge

Lambda@Edge is better suited for more complex logic that might require additional processing time and resources. Use cases include:

  • Longer Running Functions: For operations requiring extended execution time.
  • Resource-Intensive Tasks: When adjustable CPU or memory configurations are necessary.
  • Third-Party Library Integration: When your logic depends on external libraries.
  • Network and File System Operations: For scenarios that involve accessing external services or processing the body of an HTTP request.

The image outlines four use cases for Lambda@Edge: long-running functions, configurable CPU and memory functions, dependencies on third-party libraries, and network-dependent functions.

A side-by-side comparison of CloudFront Functions and Lambda@Edge is shown below:

The image is a comparison table between CloudFront Functions and Lambda@Edge, detailing aspects like programming languages, event sources, scale, function duration, and other features.

Summary

In summary, both CloudFront Functions and Lambda@Edge empower you to deploy your code closer to your users, each with distinct advantages:

  • CloudFront Functions: Best for lightweight, high-performance tasks such as authentication, header manipulation, URL rewrites, and cache key normalization.
  • Lambda@Edge: Suitable for more complex operations that require longer execution times, external service calls, or enhanced resource configurations. It supports additional triggers for origin request and response events.

The image is a summary slide detailing the functions and use cases of CloudFront and Lambda@Edge, highlighting their roles in running code at edge locations and handling requests and responses.

This overview provides the knowledge needed to choose the right tool based on your application's requirements, ensuring that you can deliver dynamic content with minimal latency and optimal performance.

For more details on AWS edge computing, visit the AWS Documentation.

Watch Video

Watch video content

Previous
Lambda EventBridge Integration Demo
Next
Exam Tips