AWS Lambda to work around index.html S3/CloudFront mess

Overview

No more index.html mess with AWS CloudFront/S3

Problem

Consider you have a statically generated site — a bunch of usual resources, including html files. You test this site locally with a development web server for convenience, and everything works. You set up a private S3 bucket plus a CloudFront distribution authorized to access this bucket to expose site at your domain and get caching benefits.

But once you upload your resources, you run into an issue: your site relies on relative links like /section/, expecting that you'll get contents of /section/index.html file in response — after all, lots of web servers implement this logic as their default behavior — but accessing such relative link over CloudFront returns a 403 error page. After some troubleshooting you figure out that configuring index.html as a default root object on the CloudFront distribution only really works for root object, and does not work with subdirectories.

If this scenario looks familiar, then this tool can help you.

Solution

Command cloudfront-autoindex is an AWS Lambda that processes S3 ObjectCreated events looking for objects with /index.html suffix in their name, and makes copies of those objects with /index.html and index.html suffixes stripped.

This way if you have a directory doc with an index.html file in it, and you upload that directory to an S3 bucket fronted by CloudFront, you can then see your page not only by accessing https://example.org/doc/index.html, but also at https://example.org/doc and https://example.org/doc/, as this Lambda creates two copies of doc/index.html key under doc and doc/ keys.

Setup

Build and compress:

GOOS=linux GOARCH=amd64 go build -o main
zip -9 lambda.zip main

Create a new AWS Lambda, picking the "Go 1.x" runtime. Change its handler name from default "hello" to "main" (binary name you built above), and upload lambda.zip file.

It requires the usual permissions, e.g. AWSLambdaBasicExecutionRole AWS-managed role, plus these permissions to work with S3 (optionally limit with your bucket names):

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "CopyObject",
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:GetObject"
            ],
            "Resource": "arn:aws:s3:::*/*"
        }
    ]
}

Once Lambda is created and configured, go to S3 bucket settings, Properties → Event notifications → Create event notification. Enter index.html as a Suffix, and select s3:ObjectCreated events except for the s3:ObjectCreated:Copy. Pick your Lambda function created above as event destination.

You might also like...
Go package providing opinionated tools and methods for working with the `aws-sdk-go/service/cloudfront` package.

go-aws-cloudfront Go package providing opinionated tools and methods for working with the aws-sdk-go/service/cloudfront package. Documentation Tools $

Turn any key/value index into a high-performance two-dimensional spatial index
Turn any key/value index into a high-performance two-dimensional spatial index

modular-spatial-index For the demo that this animated gif was generated from

Run the same Docker images in AWS Lambda and AWS ECS
Run the same Docker images in AWS Lambda and AWS ECS

serverlessish tl;dr Run the exact same image for websites in Lambda as you do in ECS, Kubernetes, etc. Just add this to your Dockerfile, listen on por

Hidra is a tool to monitor all of your services without making a mess.

hidra Don't lose your mind monitoring your services. Hidra lends you its head. ICMP If you want to use ICMP scenario, you should activate on your syst

A Simple Application written in go-lang that serves the index.html

go-web server A Simple Application written in go-lang that serves the index.html Running the Application, Well, make sure you have go installed to con

Lambda stack to turn off and destroy all resources from your personal AWS Account to avoid billing surprises
Lambda stack to turn off and destroy all resources from your personal AWS Account to avoid billing surprises

AWS, Turn off my Account, please Lambda stack to turn off and destroy all resources from your personal AWS Account to avoid billing surprises Resource

re:Web enables classic web applications to run on AWS Lambda.
re:Web enables classic web applications to run on AWS Lambda.

re:Web re:Web enables classic web applications to run on AWS Lambda. re:Web interfaces with the Lambda Runtime API. It translates API Gateway requests

The fastest HTTP/2 Go Web Framework. AWS Lambda, gRPC, MVC, Unique Router, Websockets, Sessions, Test suite, Dependency Injection and more. A true successor of expressjs and laravel | 谢谢 https://github.com/kataras/iris/issues/1329 |
Small Lambda function which performs a Aws:Sts:AssumeRole based on the presented JWT-Token

About This implements a AWS Lambda handler which takes a JWT-Token, validates it and then performs a Aws:Sts:AssumeRole based on preconfigured rules.

AWS Cloudtrail event alerting lambda function. Send alerts to Slack, Email, or SNS.
AWS Cloudtrail event alerting lambda function. Send alerts to Slack, Email, or SNS.

Cloudtrail-Tattletail is a Lambda based Cloudtrail alerting tool. It allows you to write simple rules for interesting Cloudtrail events and forward those events to a number of different systems.

Drop-in replacement for Go net/http when running in AWS Lambda & API Gateway
Drop-in replacement for Go net/http when running in AWS Lambda & API Gateway

Package gateway provides a drop-in replacement for net/http's ListenAndServe for use in AWS Lambda & API Gateway, simply swap it out for gateway.Liste

Stream, Mutate and Sign Images with AWS Lambda and ECR
Stream, Mutate and Sign Images with AWS Lambda and ECR

ocistow About How it works Try it yourself Prerequisites CLI (cmd/ocistow) Lambda (cmd/ocistow-lambda) Deploy Invoke Verify signatures with =cosign= I

This repository shows how can we use `AWS Lambda` to build serverless applications in golang.

Serverless Api in Go with AWS Lambda Here we are going to use AWS Lambda to build serverless applications in golang. Prerequisites You’ll need an AWS

Prueba de concepto: Boletia, una aplicación para venta de boletos, basada en microservicios event-driven. Desarrollada sobre AWS Serverless: Api Gateway, Lambda, DynamoDB, DynamoDB Streams
Prueba de concepto: Boletia, una aplicación para venta de boletos, basada en microservicios event-driven. Desarrollada sobre AWS Serverless: Api Gateway, Lambda, DynamoDB, DynamoDB Streams

Prueba de concepto: Boletia, una aplicación para venta de boletos, basada en microservicios event-driven. Desarrollada sobre AWS Serverless: Api Gatew

Golang AWS SAM Lambda example

Golang AWS SAM Lambda example This example project shows how to use AWS SAM with

Go-xrayprofile - Selective profiling of AWS Lambda functions

go-xrayprofile AWS X-Ray is handy for understanding the overall performance of y

Deploy 2 golang aws lambda functions using serverless framework.

Deploy 2 golang aws lambda functions using serverless framework.

Mrrobot - A simple greetings bot for Slack that uses events api and hosted on AWS Lambda

Mr. Robot a greeter bot for your slack community build_docker

bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS

bluemonday bluemonday is a HTML sanitizer implemented in Go. It is fast and highly configurable. bluemonday takes untrusted user generated content as

Comments
  • A caveat to note

    A caveat to note

    It turns out that I implemented this at work a few weeks ago, so I was pleased to see somebody else with the same idea.

    One minor glitch that we had, and I am assuming you have too is that relative links don't work consistently between somedir/sub and somedir/sub/. In the first case, the current directory is treated as somedir, while in the second case it is treated as somedir/sub, so the same index.html with relative links can't work in both cases.

    For us, this isn't a major problem so I probably won't get around to fixing it. The fix would involve adjusting all relative links in one of the two copies of index.html.

    Thanks for sharing the cool tool anyway. It popped up on my Google homepage 🙂

    opened by mungojam 2
Owner
Artyom Pervukhin
Artyom Pervukhin
Run the same Docker images in AWS Lambda and AWS ECS

serverlessish tl;dr Run the exact same image for websites in Lambda as you do in ECS, Kubernetes, etc. Just add this to your Dockerfile, listen on por

Glass Echidna 182 Sep 18, 2022
AWS SDK for the Go programming language.

AWS SDK for Go aws-sdk-go is the official AWS SDK for the Go programming language. Checkout our release notes for information about the latest bug fix

Amazon Web Services 8k Nov 29, 2022
Browse your AWS ECS Clusters in the Terminal

Browse your AWS ECS Clusters in the Terminal. The ecsview application is a terminal-based UI for browsing Amazon Elastic Container Service (ECS) clust

Jason Swartz 101 Nov 1, 2022
Generate a basic IAM policy from AWS client-side monitoring (CSM)

iamlive Generate a basic IAM policy from AWS client-side monitoring (CSM) Installation Pre-built binaries Pre-built binaries for Windows, macOS and Li

Ian Mckay 2.2k Dec 5, 2022
AWS plugin for Steampipe

Use SQL to query IAM users, EC2 instances and more from your AWS account.

Turbot 112 Nov 24, 2022
A snapshot of Mess With DNS's backend code from around when it was released

Mess With DNS This is a snapshot of Mess With DNS's backend code from around whe

Julia Evans 174 Nov 9, 2022
lambda-go-api-proxy makes it easy to port APIs written with Go frameworks such as Gin to AWS Lambda and Amazon API Gateway.

aws-lambda-go-api-proxy makes it easy to run Golang APIs written with frameworks such as Gin with AWS Lambda and Amazon API Gateway.

Amazon Web Services - Labs 743 Dec 6, 2022
A plugin for running Open Policy Agent (OPA) in AWS Lambda as a Lambda Extension.

opa-lambda-extension-plugin A custom plugin for running Open Policy Agent (OPA) in AWS Lambda as a Lambda Extension. To learn more about how Lambda Ex

GoDaddy 24 Oct 11, 2022
This example shows how to serve private contents on AWS S3 through CloudFront signed URL.

AWS CloudFront with Signed URL This is the repository of my blog post. This example shows how to serve private contents on AWS S3 through CloudFront s

Hao-Ming, Hsu 7 Oct 19, 2022
AWS Cloudfront Real-Time Logging Stack

aws-cf-rtl AWS Cloudfront Real-Time Logging Why? AWS Cloudfront easily stashes JSON formatted weblogs to S3 buckets (standard logging). However, proce

Robert Sigler 0 Jan 18, 2022