Webinar: Get Hands-On With ServerlessRegister now

Amazon CloudFront Origin Access Control for AWS Lambda Function URL

Amazon CloudFront → AWS Lambda

Access your Lambda Function URLs securely using Amazon CloudFront Origin Access Control

The SAM template sets up a CloudFront Distribution with a Lambda function URL as the origin. An Origin Access Control (OAC) specific to Lambda is created and linked to the CloudFront Distribution, ensuring that only CloudFront can access the Lambda function URL. The template also configures appropriate invoke permissions for the Lambda function. The Origin and Cache Behavior settings in the CloudFront Distribution are optimized for best practices when using a Lambda function URL as the origin.

< Back to all patterns
Language:
Node.js
Framework:
AWS SAM

GitHub icon Download this pattern (.zip)

GitHub icon View this pattern on GitHub

Clone repo

git clone https://github.com/aws-samples/serverless-patterns/cd serverless-patterns/cloudfront-lambdafunctionurl-oac-sam

Deploy

sam buildsam deploy --guidedSee the GitHub repo for detailed build and deploy instructions.

Testing

Access the Lambda function URL both through the CloudFront distribution and directly, then observe the results.
See the GitHub repo for detailed testing instructions.

Cleanup

sam delete
See the GitHub repo for detailed cleanup instructions.

Additional resources

Created by:

Shekhar Shrinivasan

Shekhar Shrinivasan

Senior Technical Consultant (TAM) at Amazon Web Services (AWS)

Follow on LinkedIn