Centinel AnalyticaPlatforms
AWS CloudFront
Deploy Centinel Analytica on an existing CloudFront distribution via Lambda@Edge.
Overview
This guide covers the console workflow for installing the Centinel Lambda@Edge function. After associating the function, allow 15-20 minutes for CloudFront to propagate the protection globally.
Prerequisites
- Centinel secret key
- CloudFront distribution you can edit
- AWS Console access with Lambda and CloudFront permissions
Prepare the package
- Download
centinel-cloudfront.js. - Open the file and replace the empty
CENTINEL_SECRET_KEYvalue with your key. - Zip the modified
centinel-cloudfront.jsto create a deployment archive.
Create the Lambda function
- Switch the AWS Console region to N. Virginia (us-east-1).
- Go to Lambda → Create function → Author from scratch.
- Name the function (e.g.
centinel-cloudfront), choose Node.js 20.x, and create it. - In the Code tab, select Upload from → .zip file and upload your archive.
- Under Configuration → General configuration, set Timeout to 5 seconds and Memory to 128 MB.
- Choose Actions → Publish new version and note the versioned ARN.
Associate with CloudFront
- Open CloudFront → Distributions, select the distribution to protect, and edit the cache behavior you want covered.
- In Function associations, click Add function, choose Lambda@Edge, paste the versioned ARN, and set the event type to Viewer request.
- Save the behavior to start global deployment.
Verify deployment
- Watch the distribution status until it says Deployed (15-20 minutes).
- Browse the distribution domain to confirm traffic flows normally.
- Check CloudWatch logs for entries prefixed with
[Centinel]if you need to troubleshoot.
Changelog
- 1.0.2 - Fixed typo.
- 1.0.1 - Better performance.
- 1.0.0 - Initial release.