Merge pull request #51 from aws-samples/origin-selection

Adding origin selection using CloudFront Functions example

Author: dbrown-git

.doc_gen/metadata/cloudfront-functions_metadata.yaml

@@ -185,4 +185,20 @@ cloudfront_functions_url_rewrite_single_page_apps:
                 - url-rewrite-single-page-apps/index.js
   services:
     cloudfront:
+cloudfront_functions_select_origin_based_on_country:
+  title: Route requests to an origin closer to the viewer in a &CF; Functions viewer request event
+  title_abbrev: Select origin closer to the viewer
+  synopsis: route requests to an origin closer to the viewer in a &CF; Functions viewer request event.
 
+  category: CloudFront Functions examples
+  languages:
+    JavaScript:
+      versions:
+        - sdk_version: 102
+          github: https://github.com/aws-samples/amazon-cloudfront-functions/tree/main/select-origin-based-on-country
+          excerpts:
+            - description:
+              snippet_files:
+                - select-origin-based-on-country/index.js
+  services:
+    cloudfront:

amazon-cloudfront-functions

@@ -0,0 +1 @@
+Subproject commit 640e3d5cd9a587c3fbfd29138533f998547abe7c

select-origin-based-on-country/README.md

@@ -0,0 +1,7 @@
+## Route requests to an origin closer to the viewer’s country
+
+**CloudFront Functions event type: viewer request**
+
+This function makes use of the `Cloudfront-Viewer-Country` [geolocation header](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-cloudfront-headers.html#cloudfront-headers-viewer-location) which performs a lookup on the request to determine the user's country and includes that value in the `Cloudfront-Viewer-Country` request header. For the geolocation or device detection headers to appear in the request object within a function, you must allow these headers (or allow all viewer headers) in a CloudFront [origin request policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-understand-origin-request-policy) or [cache policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-understand-cache-policy).
+
+This function assumes content is replicated to five geographically dispersed Amazon S3 buckets. Based on the `Cloudfront-Viewer-Country` header, this function modifies the origin of the request to the geographically closest Amazon S3 bucket to the user. Each S3 bucket is private and protected using CloudFront's [origin access control](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html). If the requested content is not found in the CloudFront cache, CloudFront will fetch the content from the S3 bucket closest to the viewer.

select-origin-based-on-country/index.js

@@ -0,0 +1,38 @@
+import cf from 'cloudfront';
+
+function handler(event) {
+    const request = event.request;
+    const headers = request.headers;
+    const country = headers['cloudfront-viewer-country'] &&
+        headers['cloudfront-viewer-country'].value;
+
+    //List of Regions with S3 buckets containing content
+    const countryToRegion = {
+        'DE': 'eu-central-1',
+        'IE': 'eu-west-1',
+        'GB': 'eu-west-2',
+        'FR': 'eu-west-3',
+        'JP': 'ap-northeast-1',
+        'IN': 'ap-south-1'
+    };
+
+    const DEFAULT_REGION = 'us-east-1';
+
+    const selectedRegion = (country && countryToRegion[country]) || DEFAULT_REGION;
+
+    const domainName =
+        `cloudfront-functions-demo-bucket-in-${selectedRegion}.s3.${selectedRegion}.amazonaws.com`;
+
+    cf.updateRequestOrigin({
+        "domainName": domainName,
+        "originAccessControlConfig": {
+            "enabled": true,
+            "region": selectedRegion,
+            "signingBehavior": "always",
+            "signingProtocol": "sigv4",
+            "originType": "s3"
+        },
+    });
+
+    return request;
+}