在 aws 中使用 lambda 函数密码保护 s3 存储桶
[英]Password protect s3 bucket with lambda function in aws
问题描述
I added website authentication for s3 bucket using lambda function and then connect the lambda function with the CloudFront by using behavior settings in distribution settings and it worked fine and added authentication(means htaccess authentication in simple servers).
我使用 lambda 函数为 s3 存储桶添加了网站身份验证,然后通过使用分发设置中的行为设置将 lambda 函数与 CloudFront 连接起来,它工作正常并添加了身份验证(在简单服务器中意味着 htaccess 身份验证)。 Now I want to change the password for my website authentication.现在我想更改我的网站身份验证的密码。 For that, I updated the password and published the new version of the lambda function and then in the distribution settings;为此,我更新了密码并发布了新版本的 lambda 函数,然后在分发设置中; I created a new invalidation to clear cache.我创建了一个新的失效来清除缓存。 But it didn't work, and website authentication password didn't change.但是没用,网站认证密码也没变。 Below is my lambda function code to add authentication.下面是我添加身份验证的 lambda 函数代码。
'use strict';
exports.handler = (event, context, callback) => {
// Get request and request headers
const request = event.Records[0].cf.request;
const headers = request.headers;
// Configure authentication
const authUser = 'user';
const authPass = 'pass';
// Construct the Basic Auth string
const authString = 'Basic ' + new Buffer(authUser + ':' + authPass).toString('base64');
// Require Basic authentication
if (typeof headers.authorization == 'undefined' || headers.authorization[0].value != authString) {
const body = 'Unauthorized';
const response = {
status: '401',
statusDescription: 'Unauthorized',
body: body,
headers: {
'www-authenticate': [{key: 'WWW-Authenticate', value:'Basic'}]
},
};
callback(null, response);
}
// Continue request processing if authentication passed
callback(null, request);
};
Can anyone please help me to solve the problem.任何人都可以帮我解决这个问题。
Thanks in advance.提前致谢。
1 个解决方案
解决方案1
0 2018-10-20 12:26:08
On Lambda function view, After you save your changes (using Firefox could be a safer option, see below if you wonder why)在 Lambda 函数视图中,保存更改后(使用 Firefox 可能是更安全的选择,如果您想知道为什么,请参见下文)
you will see a menu item under Configuration - > Designer -> CloudFront.您将在 Configuration -> Designer -> CloudFront 下看到一个菜单项。 You will see following screens.您将看到以下屏幕。
After you deploy :部署后:
You can publish your change to CloudFront distribution.您可以将更改发布到 CloudFront 分配。 Once you publish this, it will automatically start deploying CF distribution which you can view on CF menu.发布后,它会自动开始部署 CF 发行版,您可以在 CF 菜单上查看。
Also i would prefer using "Viewer Request" as a CloudFront trigger event, not sure which one you are using as this should avoid Cloudfront caching.此外,我更喜欢使用“查看器请求”作为 CloudFront 触发器事件,不确定您使用的是哪一个,因为这可以避免 Cloudfront 缓存。 On top of this Chrome sometimes fails to save changes on Lambda.除此之外,Chrome 有时无法在 Lambda 上保存更改。 There should be a bug on aws console. aws 控制台上应该有一个错误。 Try Firefox just to be safe when you are editing lambda functions.在编辑 lambda 函数时,请尝试使用 Firefox 以确保安全。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.