Vipin Katiyar

Jun 10, 2021

4 min read

What is Lambda@Edge & How to detect a simple BOT using AWS Lambda@Edge in Node JS

About Lamda@Edge

Lambda@Edge provides a way to run the Lambda functions to customize content that CloudFront delivers. Currently, it supports only two languages (Node.js & Python).

It executes the functions in AWS locations closer to the viewer. The functions run in response to CloudFront events.

You can use Lambda functions to change CloudFront requests and responses at the following points:

View the full AWS article here

https://docs.aws.amazon.com/lambda/latest/dg/lambda-edge.html

Difference between Lambda and Lambda@Edge

How to create the Lambda@Edge and associate with CDN

Note: Lambda@Edge should be created in the us-east-1 (N. Virginia) region only. It will automatically replicate to all the edge locations.

Step 1: Go to the Lambda service and select the region to us-east-1 and create a Lambda function and put the below code into the lambda event handler.

'use strict';const regex = /aolbuild|baidu|bingbot|bingpreview|msnbot|duckduckgo|adsbot-google|googlebot|mediapartners-google|teoma|slurp|yandex|bot|crawl|spider/g;exports.handler = (event, context, callback) => {
console.log('Event: ' + JSON.stringify(event));
const request = event.Records[0].cf.request;
const user_agent = request['headers']['user-agent'][0]['value'].toLowerCase();
if(user_agent !== undefined) {
const found = user_agent.match(regex);
request['headers']['is-crawler'] = [
{
key: 'is-crawler',
value: `${found !== null}`
}
]
}
console.log('Request: ' + JSON.stringify(request));
callback(null, request);
};

Step 2: Go to the “configuration” tab of the lambda function and select the “Permissions” tab at the left. Please click on the role.

Step3: Once you redirected to the IAM after clicking the Lambda role, Please select the “trust relationship” tab and then edit the “trust relationship”.

Lambda role in the IAM

Paste the below statement and update the trust policy.

{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
"lambda.amazonaws.com",
"edgelambda.amazonaws.com"
]
},
"Action": "sts:AssumeRole"
}
]
}

Step 4: You can not add the CDN trigger with the $LATEST version of the lambda function, for adding the trigger we need to create the version. To create a version you need to click on the “version” tab in the Lambda and click on the “Publish new version”

Create lambda version

Step 5: once created the version please add now the CDN as a trigger. I assume that you have already created the CloudFront. Select the CloudFront into distribution and confirm deploy to Lambda@Edge.

Lambda trigger details

Step 6: Validate the Lambda@Edge is correctly associated with your CDN. Go to Cloudfront service > behavior tab > Select the checkbox and click edit > and scroll to the bottom.

Lambda@Edge association in CDN

We are done with all settings. Let wait for some time to replicate your function to all the edge locations.

How to check the Lambda@Edge Logs

When you check for the log files, be aware that log files are stored in the Region closest to the location where the function is executed. This means, if you visit a website from, for example, India, you must change the Region to view the CloudWatch Logs for the Mumbai(ap-south-1) Region.

Please read the AWS article for it.

How to delete the Lamda@Edge function

You can not delete the Lambda@Edge directly from the lambda functions page because it is already replicated into all edge locations. If you try to delete it, you will face the below issue.

Error while deleting the Lambda@Edge

To delete the Lambda@Edge, you need to remove the association from Cloudfront first using the “cross” button available in front of the association . Please wait for some time till CloudFront deletes associations from all Edge Locations.

delete the association from Cloudfront