1 Answer
- Newest
- Most votes
- Most comments
0
Yes, you can. Do you access your lambda behind a Cloudfront? Check how to restrict user access for Post and Put with the header x-amz-content-sha256: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-lambda.html
If you are using python in your client side, you can use hashlib library.
Example:
import hashlib
payload = b'{"key": "value"}' # Replace with your actual payload
sha256_hash = hashlib.sha256(payload).hexdigest()
Then you can call the Lambda URL, includes the value sha256_hash in the request header using x-amz-content-sha256.
Relevant content
- Accepted Answerasked a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated 4 months ago
Thank you for your answer, sir!
But can I do it from client side, not by Cloudfront?
I assume that traffic between client and Cloudfront is viewed by hacker then it can edit content. so that if we put x-amz-content-sha256 at Cloudfront side I think it does not work!
Hi Kaii, to secure your data in-transit between Client and CF, I recommend reviewing this AWS documentation: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/data-protection-summary.html
This blog is also helpful for the portion of protecting your Lambda URL behind Cloudfront: https://aws.amazon.com/blogs/networking-and-content-delivery/secure-your-lambda-function-urls-using-amazon-cloudfront-origin-access-control/