Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Expand file tree

/

cloudfront-security-headers

/
Copy path

Directory actions

More options

More options

Directory actions

More options

More options

Latest commit

 

History

History
History
 
 
/

cloudfront-security-headers

/

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 
index.js
index.js
 
 
test-event.json
test-event.json
 
 

README.md

Outline

cloudfront-security-headers

AWS Lambda@Edge function to add common security headers for static content served via CloudFront.

Setup

IAM role creation

Create a new IAM role with the name aws-lambda-edge-execution-role and the following trust relationship:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": [
          "lambda.amazonaws.com",
          "edgelambda.amazonaws.com"
        ]
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

Function configuration

Add the function code to AWS Lambda in the US East (N. Virginia) region with the following configuration options:

Key Value
Runtime Node.js 6.10
Handler index.handler
Role aws-lambda-edge-execution-role
Memory 128 (MB)
Timeout 3 sec

Next publish a version of the function and copy its Lambda Function ARN.

CloudFront configuration

In the behavior settings of the CloudFront distribution, add a new Lambda Function Association with the Event Type Origin Response and the Lambda Function ARN copied from the function configuration.
Save your edits and wait until the new settings have been deployed.

License

Released under the MIT license.

Author

Sebastian Tschan
Morty Proxy This is a proxified and sanitized view of the page, visit original site.