pwrdrvr/microapps-core

Move static file routing to Lambda @ Edge

Closed this issue · 1 comments

Motivations

  • Static files, or things that look like static files, are served by some app frameworks
  • URL-type apps may need static files forwarded to the URL origin
  • Makes it so that more things will "just work"

To-Do

  • Explore Origin Groups to route 404s on S3 to the Lambda origin
  • Add setting for static files on S3 - Default to true, allow to be set to false for a version
  • Set the authMethod field on the origin to origin-access-identity
  • Move the API Gateway endpoint to the lambda config file
  • Switch the origin for API Gateway behaviors to S3 - This is required because an OAI is needed but an OAI cannot be added when changing from a Custom origin to an S3 origin, only when the default origin is already an S3 origin
  • Lookup in the Lambda @ Edge if the static files should be forwarded to the origin or not
  • Allow the static file route to be removed from the CDK stack, falling through to Lambda @ Edge
  • When static files are not on S3, route them to the app, otherwise route them to S3

Proposed Request Routing to S3 and Lambda

2nd Proposal

Image

Rejected - 1st Proposal - Can't work because Origin Groups only Support GET/HEAD/OPTIONS

MicroApps - Architecture - Request Routing

Docs

Changing Custom Origin to S3 Origin

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-examples.html#lambda-examples-content-based-S3-origin-based-on-query

Changing S3 Origin to Custom Origin

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-examples.html#lambda-examples-content-based-custom-origin-request-trigger

Changing S3 Origin Region

https://aws.amazon.com/blogs/networking-and-content-delivery/using-amazon-cloudfront-and-amazon-s3-to-build-multi-region-active-active-geo-proximity-applications/

With Origin Groups the OriginRequest function can run twice. Need to detect whether this is the primary (should rewrite and sign for Function URL) or fallback origin (should not touch the request and let it fall through to S3 with OAI signing).

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/high_availability_origin_failover.html#concept_origin_groups.lambda

Image