Skip to content
AWS Lambda that listens on S3 events and invalidates CDN cache.
JavaScript Shell HTML
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.


Build Status

AWS Lambda that listens on S3 events and invalidates Pixboost Images CDN cache.


Table of Contents:


We assume that you already have S3 bucket where images are getting uploaded.

Lambda Function

Lambda code is located in lambda/ folder. We recommend to deploy it using Cloud Formation (CF). However you can also deploy and setup it manually following this instruction.

You need to generate CF stack to include latest code into it. To do so you need Nodejs 8+ installed. To generate stack:

  • cd lambda
  • npm install

Generated CF stack will be in lambda/cf.yaml file.

You can deploy stack by executing a command:

aws cloudformation create-stack \ 
  --stack-name invalidate-image-cdn-lambda \
  --template-body file://lambda/cf.yaml \
  --parameters \
  ParameterKey=ImagesDomain,ParameterValue=<https://pixboost> \
  ParameterKey=ApiSecret,ParameterValue=<API-SECRET> \
  ParameterKey=ImageUrlPrefix,ParameterValue=<> \
  ParameterKey=LambdaRole,ParameterValue=<RoleArn> \
  ParameterKey=Debug,ParameterValue=<0|1> \
  --region us-east-1

You need to set parameters for the command above:

  • ImagesDomain - domain to send invalidate request to. In most cases it's But, it could be different if custom domain name setup and there is a corporate firewall rules preventing access to

  • ApiSecret - API secret that's been given you by Pixboost team.

  • ImageUrlPrefix - Image prefix that will be substituted with S3 item prefix. For instance, if an image URL on website is and S3 key is images/logo.png then parameter should be Note that Lambda will add / between prefix and S3 item key.

  • LambdaRole - ARN of the IAM role that Lambda will be executed by. Lambda doesn't need any special permissions and this example should work.

  • Debug - if passed as "1" then will output debug logs

Setup S3 to Lambda notification

To setup S3 bucket notification that will trigger the lambda function:

  • aws s3api put-bucket-notification-configuration --bucket <IMAGES_BUCKET> --notification-configuration file://event-configuration.json

<IMAGES_BUCKET> - name of the source bucket


  "LambdaFunctionConfigurations": [
      "Id": "invalidate-image-cdn",
      "LambdaFunctionArn": "<LAMBDA_ARN>",
      "Events": ["s3:ObjectCreated:*"]

<LAMBDA_ARN> - ARN of the lambda function from the previous section.


We are using localstack for mocking AWS.

  • docker network create invalidatecdn - once
  • docker-compose up -d
  • bash

To test:

cd test && npm test

Get Local Lambda Logs:

  • aws --endpoint-url=http://localhost:4586 --region us-east-1 logs describe-log-groups
  • aws --endpoint-url=http://localhost:4586 --region us-east-1 logs describe-log-streams --log-group-name /aws/lambda/invalidate-cdn
  • aws --endpoint-url=http://localhost:4586 --region us-east-1 logs get-log-events --log-group-name /aws/lambda/invalidate-cdn --log-stream-name "+51178/02/10/[$LATEST]b27ee410"


  • docker ps -a
  • Find first lambci/lambda:nodejs8.10 container
You can’t perform that action at this time.