7

We have a lambda@edge function which listens to cloudfront distribution origin request and response events. We are trying to automate the deployment. So far we succeeding in updating the code and publishing the new version.

  - npm install
  - zip -r lambda.zip *
  - aws lambda update-function-code --function-name LambdaFunction1 --zip-file fileb://lambda.zip
  - aws lambda publish-version --function-name LambdaFunction1

But how do we update CloudFront triggers to point to the latest published version?

Improve this question
1
  • Did you find a solution for this? I cannot find any information about publishing a new lambda version to CloudFront. Commented Nov 20, 2018 at 8:52

2 Answers 2

Reset to default
4

Perform the following steps-

  1. Check the versions of lambda first by running the following cli command. And the Fetch the FunctionARN of the latest version.

aws lambda list-versions-by-function --function-name LAMBDA_NAME

  1. Get the cloudfront distribution json data first by the following command.

aws cloudfront get-distribution-config --id DISTRIBUTION_ID > cf_config.json

  1. Create a file named updated_cf_config.json by fetching DistributionConfig key from the cf_config.json.

  2. Now Put the FunctionARN of the latest Version of lambda inside the "LambdaFunctionAssociations" -> "LambdaFunctionARN"

  3. Update cloudfront distribution by running the command. To update the cloudfront distribution we need ETAG from cf_config.json:

aws cloudfront update-distribution --distribution-config file://cf_config.json --id DISTRIBUTION_ID --if-match ETAG

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Should anyone stumble upon this, I created a simple Node.js script to handle the CloudFront update.

It requires you capture the response of the aws lambda publish-version command into lambda_publish_response.json, and that you change the cloudFrontDistributionId variable, but everything else "should just work":

const fs = require('fs');
const {exec} = require('child_process');

const cloudFrontDistributionId = 'EXXXXXXXXXXXXX';
const currentCloudFrontConfigFile = 'cf_config.json';
const updatedCloudFrontConfigFile = 'cf_config_updated.json';
const lambdaPublishResponseFile = 'lambda_publish_response.json';

exec(`aws cloudfront get-distribution-config --id ${cloudFrontDistributionId} > ${currentCloudFrontConfigFile}`, (error, stdout, stderr) => {
    if (error) {
        console.error(`error: ${error.message}`);

        return process.exit(1);
    }

    if (stderr) {
        console.error(`stderr: ${stderr}`);

        return process.exit(1);
    }

    if (!fs.existsSync(lambdaPublishResponseFile)) {
        console.error('Run this first: `aws lambda publish-version --function-name LambdaFunctionName > lambda_publish_response.json`');

        return process.exit(1);
    }

    let cfConfig = JSON.parse(fs.readFileSync(currentCloudFrontConfigFile));
    const etag = cfConfig.ETag;
    const lambdaPublishData = JSON.parse(fs.readFileSync(lambdaPublishResponseFile));

    cfConfig.DistributionConfig.DefaultCacheBehavior.LambdaFunctionAssociations.Items[0].LambdaFunctionARN = lambdaPublishData.FunctionArn;

    fs.writeFileSync(updatedCloudFrontConfigFile, JSON.stringify(cfConfig.DistributionConfig));

    exec(`aws cloudfront update-distribution --distribution-config file://${updatedCloudFrontConfigFile} --id ${cloudFrontDistributionId} --if-match ${etag}`, (error, stdout, stderr) => {
        if (error) {
            return console.error(`error: ${error.message}`);
        }

        if (stderr) {
            return console.error(`stderr: ${stderr}`);
        }

        console.log(`stdout: ${stdout}`);

        fs.unlinkSync(lambdaPublishResponseFile);
        fs.unlinkSync(currentCloudFrontConfigFile);
        fs.unlinkSync(updatedCloudFrontConfigFile);
    });
});

Here is a Gist listing all the commands required to make this happen: https://gist.github.com/neonexus/3062b34b09896fa027e22d332dd65069

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.