What’s the difference with Lambda@Edge?
CloudFront Functions and Lambda@Edge are both triggered by events generated by CloudFront. But, CloudFront Functions sit in front of the CloudFront cache. The functions are executed on every request or every response—that’s why CloudFront Functions need to run under 1ms. In comparison, a Lambda sits between the CloudFront cache and the origin, so it’s executed only when the cache is not valid.
AWS built the CloudFront Functions to address scaling and performance issues that we could face with Lambda@Edge. For instance, cold starts would impact the performance for doing token authorization. Or, in the case of high traffic spikes, we would be limited by lambda throttling or concurrency. With CloudFront Functions, no matter how many requests we get, it will scale indefinitely to match the traffic.
When to use CloudFront Functions?
If we need to rewrite (i.e., AB flag), redirect, authorize (i.e., JWT token) a request, we should consider using a CloudFront Function.
If we need to do heavier computing, like server-side rendering, or data aggregation/transformation that wouldn’t fit the performance budget, we should use a Lambda@Edge.