4

What we are trying to do

We are trying to set up a very simple Geolocation service with API Gateway and Lambda.

Very similar to https://ipstack.com/, but we don't want to use an external service as we believe it could be an issue in some jurisdictions to send a non-anonymized IP address to a service we don't control (before getting the user's consent).

Would like to have a simple api https://location.my-site.com that returns the country (for GDPR, cookies, etc purposes).

Now it seems that there is a light Cloudfront behind API Gateway that would produce the header "Cloudfront-Viewer-Country", which would be very simple and achieve what we need. i.e. lambda receives Cloudfront-Viewer-Country and just sends it back.

What we have tried

I have seen solutions such as this one: Build a Geolocation API using AWS Lambda and MaxMind, but I struggle to see why deploying an RDS and maintaining the MaxMind database would make sense for us, if it is already available from Cloudfront-Viewer-Country.

I have seen this question: Accessing cloudfront-viewer-country header in AWS API Gateway using HTTP Proxy?, and tried implementing the answer from Michael - sqlbot. But I cannot seem to access the headers.

I have also tried what is suggested in this post, but I can't seem to access the value of Cloudfront-Viewer-Country either.

What we are doing (in conjunction with 'What we have tried')

To access and check if the header is available I am using the following python lambda function

import json
 
def lambda_handler(event, context):

    response = {
        'status': '200',
        'statusDescription': 'Found',
        'headers': {
            'location' : [ {
                'event': json.dumps(event)
            } ]
        }
    }
 
    return response

What the problem is

but the event json dump doesn't contain Cloudfront-Viewer-Country.

I suspect I'm doing something wrong but I really can't figure it out. Any pointer would be very much appreciated.

Thank you

Improve this question
8
  • Are you using a Lambda Proxy integration type in API Gateway? Or are you using a custom integration mapping? If you are using Lambda Proxy and the header is not there then I would suspect you need to enable caching in API Gateway in order to get the CloudFront distribution deployed in front of API Gateway. Commented Oct 12, 2020 at 13:58
  • I am using a custom integration mapping. I also tried Lambda Proxy integration, it gives me the 'most information' but doesn't work (enabled cache as per suggestion but didn't work either) I also tried an http api gateway, but there I don't see any options to add the header Commented Oct 12, 2020 at 15:49
  • The post you linked said they had caching enabled to get the header. Are you sure it doesn't work with caching enabled + proxy integration? Commented Oct 12, 2020 at 16:27
  • 1
    Thanks very much Mark B for the help. I couldn't get it to work with caching enabled + proxy integration. I have, finally, managed to get it working... the issue was trying to use Endpoint Type = Regional... Edge optimized worked (without cache, go figure...). I only got CloudFront-Viewer-Country working, but not the other geolocation data, which would have been helpful for CCPA. Commented Oct 12, 2020 at 19:55
  • You might have to place a separate CloudFront distribution in front of the API, instead of just enabling API caching, to get the full set of CloudFront headers. Commented Oct 12, 2020 at 22:25

1 Answer 1

Reset to default
2

I was able to get access to Cloudfront-Viewer-Country by setting a Endpoint Type = Edge optimized.

I could not get it to work with Endpoint Type = Regional or with http api gateway.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

because edge is putting CDN on top of API. If you do not need CDN service on top of API Gateway, then you should use Regional and get IP location info some other way. When AWS Cloudfront is on front of any request, it will place this header. No matter if down is Api Gateway or anything else.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.