update security custom header


Hi team,

I want to modify a custom header value in a CF origin with lambda. this lambda should read the value from the secret manager and update the value of the custom header in Cf accordingly.

is this achievable via a lambda function?

Thank you!

1 Answer


This is a use case which could be solved using Lambda@Edge. The blog post How to enhance Amazon CloudFront origin security with AWS WAF and AWS Secrets Manager demonstrates a similar scenario, adding a custom header with a value from Secrets Manager. One area to pay attention to is the selection of the CloudFront event used to trigger your Lambda function. Some events can be used to trigger the function on every request while others may only execute the function when CloudFront forwards a request to the origin, i.e. when the requested object is not in the CloudFront cache.

answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions