Skip to content

Instantly share code, notes, and snippets.

@flackjap
Created October 18, 2020 11:13
Show Gist options
  • Save flackjap/d4a8893f6155f0d7575c72be41f5e5e0 to your computer and use it in GitHub Desktop.
Save flackjap/d4a8893f6155f0d7575c72be41f5e5e0 to your computer and use it in GitHub Desktop.
AWS Lambda@Edge Basic Auth for CloudeFront in front of S3
'use strict';
exports.handler = (event, context, callback) => {
// Get request and request headers
const request = event.Records[0].cf.request;
const headers = request.headers;
// Configure authentication
const authUser = 'my-s3-username';
const authPass = 'my-s3-password';
// Construct the Basic Auth string
const authString = 'Basic ' + new Buffer(authUser + ':' + authPass).toString('base64');
// Require Basic authentication
if (typeof headers.authorization == 'undefined' || headers.authorization[0].value != authString) {
const body = 'Unauthorized';
const response = {
status: '401',
statusDescription: 'Unauthorized',
body: body,
headers: {
'www-authenticate': [{key: 'WWW-Authenticate', value:'Basic'}]
},
};
callback(null, response);
}
// Continue request processing if authentication passed
callback(null, request);
};
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment