@netacea/cloudfront

Netacea CloudFront

 

@netacea/cloudfront is a package designed to add Netacea functionality to CloudFront Lambda@Edge.

Installation

🌻 Starting fresh

Quickest way to get started, is pulling the Netacea CloudFront template repository from github and following the steps in there to get up and running.

git clone https://github.com/Netacea/cloudfront-worker-template-typescript.git

Follow the README.md in the cloudfront-worker-template-typescript repository to get this deployed.

✍ Existing Lambda@Edge worker

Run the following command to install the netacea worker

npm i @netacea/cloudfront --save

Require (javascript) or import (typescript) the worker

// JAVASCRIPT:
const NetaceaCloudFront = require('@netacea/cloudfront').default
// TYPESCRIPT:
import NetaceaCloudFront from '@netacea/cloudfront'

Then declare a variable for the worker.

const worker = new NetaceaCloudFront({
  apiKey: 'your-api-key', // REQUIRED
  secretKey: 'your-secret-key', // REQUIRED IF MITIGATING
  kinesisStreamName: 'your-kinesis-stream-name', // REQUIRED
  kinesisAccessKey: 'your-kinesis-access-key', // REQUIRED
  kinesisSecretKey: 'your-kinesis-secret-key' // REQUIRED if not using secretsManager
})

It's best security practice to not commit your apiKey, secretKey, kinesisAccessKey, kinesisSecretKey to any repository.

The code will run in the Viewer Request, Origin Response and Viewer Response events.

Example Viewer Request:

import NetaceaCloudFront from '@netacea/cloudfront'
const worker = new NetaceaCloudFront({
  apiKey: 'your-api-key', // REQUIRED
  secretKey: 'your-secret-key', // REQUIRED IF MITIGATING
  kinesisStreamName: 'your-kinesis-stream-name', // REQUIRED
  kinesisAccessKey: 'your-kinesis-access-key', // REQUIRED
  kinesisSecretKey: 'your-kinesis-secret-key' // REQUIRED if not using secretsManager
})

export const handler = async (event: any, context: any, callback: any): Promise<any> => {
  context.callbackWaitsForEmptyEventLoop = false
  const netaceaResponse = await worker.run(event)
  const { request, response } = netaceaResponse.Records[0].cf
  if (response !== undefined) {
    return callback(null, response)
  }
  return callback(null, request)
}

Example Origin Response:

import NetaceaCloudFront from '@netacea/cloudfront'
const worker = new NetaceaCloudFront({
  apiKey: 'your-api-key', // REQUIRED
  secretKey: 'your-secret-key', // REQUIRED IF MITIGATING
  kinesisStreamName: 'your-kinesis-stream-name', // REQUIRED
  kinesisAccessKey: 'your-kinesis-access-key', // REQUIRED
  kinesisSecretKey: 'your-kinesis-secret-key' // REQUIRED if not using secretsManager
})

export const handler = async (event: any, context: any, callback: any): Promise<void> => {
  context.callbackWaitsForEmptyEventLoop = false
  if (event.Records[0].cf.response.status >= 400) {
    worker.addNetaceaCookiesToResponse(event)
    worker.ingest(event)
  }
  return callback(null, event.Records[0].cf.response)
}

Example Viewer Response:

import NetaceaCloudFront from '@netacea/cloudfront'
const worker = new NetaceaCloudFront({
  apiKey: 'your-api-key', // REQUIRED
  secretKey: 'your-secret-key', // REQUIRED IF MITIGATING
  kinesisStreamName: 'your-kinesis-stream-name', // REQUIRED
  kinesisAccessKey: 'your-kinesis-access-key', // REQUIRED
  kinesisSecretKey: 'your-kinesis-secret-key' // REQUIRED if not using secretsManager
})

export const handler = async (event: any, context: any, callback: any): Promise<void> => {
  context.callbackWaitsForEmptyEventLoop = false
  if (event.Records[0].cf.response.status < 400) {
    worker.addNetaceaCookiesToResponse(event)
    worker.ingest(event)
  }
  return callback(null, event.Records[0].cf.response)
}

This line is very important for ingest to take place. Without this, latency will be added to some requests.

context.callbackWaitsForEmptyEventLoop = false

⬆ Updating

npm i @netacea/cloudfront@latest --save

This will update the netacea module to the latest version.