I have S3 buckets that I use to serve public assets with (behind CloudFront, with a custom domain name). However the response always included the header field “Server” with a value “AmazonS3”. I didn’t like to publish the fact that I was using S3 (because what for?) and I wondered If I could change that string.
It’s not entirely straightforward, but not difficult either.
Here’s how I did it:
-
Set up S3 buckets
-
Set up CloudFront for these buckets
-
Set up a Lambda (Lambda@Edge only, this means us-east-1, N. Virginia)
-
Insert code (see below)
-
Actions/publish new version (must be versioned Lambda)
-
Select version and add CloudWatch triggers. NOTE: Make sure you use the event type “origin-response”.
-
Ensure permissions for Lambda (logs:CreateLogStream, logs:PutLogEvents, logs:CreateLogGroup, maybe others..)
-
Set up trust relationship for lambda role, see below.
Note that depending on you CloudFront setup it can take a while for your changes to become visible. I used the “Invaldations” feature to invalidate the cache for some urls.
Lambda Code:
'use strict';
exports.handler = (event, context, callback) => {
const response = event.Records[0].cf.response;
response.headers['server'] = [{
key: 'Server',
value: 'Whatever you like',
}];
callback(null, response);
};
Trust Relationships:
"Service": ["lambda.amazonaws.com", "edgelambda.amazonaws.com"]
This is all based on this useful blogpost, definitely check it out: https://nvisium.com/resources/blog/2017/08/10/lambda-edge-cloudfront-custom-headers.html
P.S.: You can follow me on Twitter.