0

I am currently running a static website within an S3 Bucket that re-directs to Lambda when a 404 occurs. The problem with this solution is that the Lambda function must be open it to be invoked as I cannot supply an x-api-key header as from what I can gather the Re-routing ruleset on S3 Static Hosting do not enable headers to be attached to the request.

Essentially I am just trying to lockdown the Lambda function to only be invoked via our requests whilst sticking with the current static site-hosting routing we are using. These are the two methods I foresee to resolve this issue.

  1. Figure out a way to add a header to the redirect.
  2. Determine where the request came from and verify it prior to the lambda function running.

Any help would be greatly appreciated.

Countach
  • 597
  • 1
  • 10
  • 20

1 Answers1

0

You could create a custom static 404.html page on S3 and have a Javascript in this page to call the Lambda function using Ajax. Then you can use any method, headers and data in the Ajax request to Lambda. You could even use LocalStorage to use data about your users in order to customize Lambda request/response and even decide whether you should redirect the user or do something else.

If you're not using CloudFront, you can set the error page like in this picture (Credits to @Geander). In case you are using CloudFront, follow this AWS docs.

Renato Byrro
  • 3,578
  • 19
  • 34
  • Thanks for replying - but doesn't adding javascript to a 404.html still leave the same issue of the header containing the api key being exposed to the user? – Countach Feb 05 '18 at 00:13