AWS CloudFront S3, Basic HTTP authentication – password protection

This is a post it to this article explaining how to use a Lambda function to protect a CloudFront-S3 distribution using Basic HTTP Authentication.

Some additional notes:

  • The Lambda Function must be in the region us-east-1 (US East N. Virginia)
  • You must create a new version of the Lambda function
  • The ARN of the Lambda function you provide to CloudFront must inlude the lambda version
  • The Lambda function’s role must have the following Trust Policy

{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": [ "", "" ] }, "Action": "sts:AssumeRole" } ] }