Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
42 changes: 40 additions & 2 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,13 +5,51 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [7.0.0] - 2025-01-27

### Changed

- Location of API Gateway infrastructure resources
- **Breaking** New condition on API gateway will cause a delete/create of ApiGateway::Deployment on stack update
- **Breaking:** Exception thrown on invalid resize parameters [#463](https://github.com/aws-solutions/serverless-image-handler/pull/463)
- Code formatting to align with ESLint rules
- **Breaking** Reduced passthrough of errors from external APIs to response body. Errors will still be logged.
- Modified CloudFront logging bucket to have versioning enabled by default
- CloudFront behaviour to redirect http requests to https rather than throwing forbidden error
- Set-Cookie was added to list of deny-listed response headers
- Name of solution from Serverless Image Handler on AWS to Dynamic Image Transformation for Amazon CloudFront.

### Added

- Ability to enable origin shield through a deployment parameter
- Ability to deploy solution without creating a CloudFront distribution
- CloudFront function to normalize accept headers when AutoWebP is enabled
- Alternative infrastructure using S3 Object Lambda to overcome 6 MB response size limit
- Query param named expires which can be used to define when a generated image should no longer be accessible
- Ability to include smart_crop as a filter for Thumbor style requests, taking advantage of AWS Rekognition face cropping
- Ability to set CloudWatch log retention period to Infinite
- Ability to specify Sharp input image size limit [#465](https://github.com/aws-solutions/serverless-image-handler/issues/465) [#476](https://github.com/aws-solutions/serverless-image-handler/pull/476)
- Query parameter based image editing [#184](https://github.com/aws-solutions/serverless-image-handler/issues/184)
- Query parameter normalization to improve cache hit rate
- CloudWatch dashboard to improve Solution observability
- Additional anonymized metrics to help understand how the solution is being used, identify areas of improvement, and drive future roadmap decisions.

### Removed

- Accept header being used in cache policy when AutoWebP is disabled

### Fixed

- Broken URLs in Signature and Fallback Image template parameters

## [6.3.3] - 2024-12-27

### Fixed

- Overlays not checking for valid S3 buckets
- Failures when updating deployments created in version 6.1.0 and prior [#559](https://github.com/aws-solutions/serverless-image-handler/issues/559)

### Security
### Security

- Added allowlist on sharp operations. [Info](https://docs.aws.amazon.com/solutions/latest/serverless-image-handler/create-and-use-image-requests.html#restricted-operations)
- Added deny list on custom headers for base64 encoded requests. [Info](https://docs.aws.amazon.com/solutions/latest/serverless-image-handler/create-and-use-image-requests.html#include-custom-response-headers)
Expand All @@ -20,8 +58,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
## [6.3.2] - 2024-11-22

### Fixed
- Upgrade cross-spawn to v7.0.6 for vulnerability [CVE-2024-9506](https://github.com/advisories/GHSA-5j4c-8p2g-v4jx)

- Upgrade cross-spawn to v7.0.6 for vulnerability [CVE-2024-9506](https://github.com/advisories/GHSA-5j4c-8p2g-v4jx)

## [6.3.1] - 2024-10-02

Expand Down
4 changes: 3 additions & 1 deletion NOTICE
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
Serverless Image Handler
Dynamic Image Transformation for Amazon CloudFront

Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
Licensed under the Apache License Version 2.0 (the "License"). You may not use this file except
Expand All @@ -24,6 +24,7 @@ This software includes third party software subject to the following copyrights:
@aws-solutions-constructs/aws-cloudfront-s3 under the Apache License 2.0
@aws-solutions-constructs/core under the Apache License 2.0
@popperjs/core under the Massachusetts Institute of Technology (MIT) license
@types/aws-lambda under the Massachusetts Institute of Technology (MIT) license
@types/color under the Massachusetts Institute of Technology (MIT) license
@types/color-name under the Massachusetts Institute of Technology (MIT) license
@types/jest under the Massachusetts Institute of Technology (MIT) license
Expand Down Expand Up @@ -55,6 +56,7 @@ ts-jest under the Massachusetts Institute of Technology (MIT) license
ts-node under the Massachusetts Institute of Technology (MIT) license
typescript under the Apache License 2.0
uuid under the Massachusetts Institute of Technology (MIT) license
dayjs under the Massachusetts Institute of Technology (MIT) license
@aws-sdk/client-cloudwatch under the Apache License 2.0
@aws-sdk/client-cloudwatch-logs under the Apache License 2.0
@aws-sdk/client-sqs under the Apache License 2.0
Expand Down
38 changes: 26 additions & 12 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
**[Serverless Image Handler](https://aws.amazon.com/solutions/implementations/serverless-image-handler/)** | **[🚧 Feature request](https://github.com/aws-solutions/serverless-image-handler/issues/new?assignees=&labels=enhancement&template=feature_request.md&title=)** | **[🐛 Bug Report](https://github.com/aws-solutions/serverless-image-handler/issues/new?assignees=&labels=bug&template=bug_report.md&title=)** | **[❓ General Question](https://github.com/aws-solutions/serverless-image-handler/issues/new?assignees=&labels=question&template=general_question.md&title=)**
**[Dynamic Image Transformation for Amazon CloudFront](https://aws.amazon.com/solutions/implementations/dynamic-image-transformation-for-amazon-cloudfront/)** | **[🚧 Feature request](https://github.com/aws-solutions/serverless-image-handler/issues/new?assignees=&labels=enhancement&template=feature_request.md&title=)** | **[🐛 Bug Report](https://github.com/aws-solutions/serverless-image-handler/issues/new?assignees=&labels=bug&template=bug_report.md&title=)** | **[❓ General Question](https://github.com/aws-solutions/serverless-image-handler/issues/new?assignees=&labels=question&template=general_question.md&title=)**

**Note**: If you want to use the solution without building from source, navigate to [Solution Landing Page](https://aws.amazon.com/solutions/implementations/serverless-image-handler/).
**Note**: If you want to use the solution without building from source, navigate to [Solution Landing Page](https://aws.amazon.com/solutions/implementations/dynamic-image-transformation-for-amazon-cloudfront/).

## Table of Content

Expand All @@ -18,17 +18,26 @@

# Solution Overview

The Serverless Image Handler solution helps to embed images on websites and mobile applications to drive user engagement. It uses [Sharp](https://sharp.pixelplumbing.com/en/stable/) to provide high-speed image processing without sacrificing image quality. To minimize costs of image optimization, manipulation, and processing, this solution automates version control and provides flexible storage and compute options for file reprocessing.
The Dynamic Image Transformation for Amazon CloudFront solution helps to embed images on websites and mobile applications to drive user engagement. It uses [Sharp](https://sharp.pixelplumbing.com/en/stable/) to provide high-speed image processing without sacrificing image quality. To minimize costs of image optimization, manipulation, and processing, this solution automates version control and provides flexible storage and compute options for file reprocessing.

This solution automatically deploys and configures a serverless architecture optimized for dynamic image manipulation. Images can be rendered and returned spontaneously. For example, an image can be resized based on different screen sizes by adding code on a website that leverages this solution to resize the image before being sent to the screen using the image. It uses [Amazon CloudFront](https://aws.amazon.com/cloudfront) for global content delivery and [Amazon Simple Storage Service](https://aws.amazon.com/s3) (Amazon S3) for reliable and durable cloud storage.

For more information and a detailed deployment guide, visit the [Serverless Image Handler](https://aws.amazon.com/solutions/implementations/serverless-image-handler/) solution page.
For more information and a detailed deployment guide, visit the [Dynamic Image Transformation for Amazon CloudFront](https://aws.amazon.com/solutions/implementations/dynamic-image-transformation-for-amazon-cloudfront/) solution page.

# Architecture Diagram

![Architecture Diagram](./architecture.png)
Dynamic Image Transformation for Amazon CloudFront supports two architectures, one using an Amazon API Gateway REST API, and another using S3 Object Lambda. The Amazon API Gateway REST API architecture maintains the structure used in v6.3.3 and below of the Dynamic Image Transformation for Amazon CloudFront. The S3 Object Lambda architecture maintains very similar functionality, while also allowing for images larger than 6 MB to be returned. For more information, refer to the [Architecture Overview](https://docs.aws.amazon.com/solutions/latest/serverless-image-handler/architecture-overview.html) in the implementation guide.

The AWS CloudFormation template deploys an Amazon CloudFront distribution, Amazon API Gateway REST API/S3 Object Lambda, and an AWS Lambda function. Amazon CloudFront provides a caching layer to reduce the cost of image processing and the latency of subsequent image delivery. The Amazon API Gateway/S3 Object Lambda provides endpoint resources and triggers the AWS Lambda function. The AWS Lambda function retrieves the image from the customer's Amazon Simple Storage Service (Amazon S3) bucket and uses Sharp to return a modified version of the image. Additionally, the solution generates a CloudFront domain name that provides cached access to the image handler API. There is limited use of CloudFront functions for consistency and cache hit rate purposes.

## Default Architecture

![Architecture Diagram (Default Architecture)](./default_architecture.png)

## S3 Object Lambda Architecture

![Architecture Diagram (S3 Object Lambda Architecture)](./object_lambda_architecture.png)

The AWS CloudFormation template deploys an Amazon CloudFront distribution, Amazon API Gateway REST API, and an AWS Lambda function. Amazon CloudFront provides a caching layer to reduce the cost of image processing and the latency of subsequent image delivery. The Amazon API Gateway provides endpoint resources and triggers the AWS Lambda function. The AWS Lambda function retrieves the image from the customer's Amazon Simple Storage Service (Amazon S3) bucket and uses Sharp to return a modified version of the image to the API Gateway. Additionally, the solution generates a CloudFront domain name that provides cached access to the image handler API.

# AWS CDK and Solutions Constructs

Expand All @@ -49,8 +58,8 @@ In addition to the AWS Solutions Constructs, the solution uses AWS CDK directly
### 1. Clone the repository

```bash
git clone https://github.com/aws-solutions/serverless-image-handler.git
cd serverless-image-handler
git clone https://github.com/aws-solutions/dynamic-image-transformation-for-amazon-cloudfront.git
cd dynamic-image-transformation-for-amazon-cloudfront
export MAIN_DIRECTORY=$PWD
```

Expand All @@ -76,12 +85,12 @@ overrideWarningsEnabled=false npx cdk deploy\
```

_Note:_
- **MY_BUCKET**: name of an existing bucket in your account
- **MY_BUCKET**: name of an existing bucket or the list of comma-separated bucket names in your account
- **PROFILE_NAME**: name of an AWS CLI profile that has appropriate credentials for deploying in your preferred region

# Collection of operational metrics

This solution collects anonymous operational metrics to help AWS improve the quality and features of the solution. For more information, including how to disable this capability, please see the [implementation guide](https://docs.aws.amazon.com/solutions/latest/serverless-image-handler/op-metrics.html).
This solution collects anonymous operational metrics to help AWS improve the quality and features of the solution. For more information, including how to disable this capability, please see the [implementation guide](https://docs.aws.amazon.com/solutions/latest/serverless-image-handler/reference.html#anonymized-data-collection).

# External Contributors

Expand All @@ -105,10 +114,15 @@ This solution collects anonymous operational metrics to help AWS improve the qua
- [@Fjool](https://github.com/Fjool) for [#489](https://github.com/aws-solutions/serverless-image-handler/pull/489)
- [@fvsnippets](https://github.com/fvsnippets) for [#373](https://github.com/aws-solutions/serverless-image-handler/pull/373), [#380](https://github.com/aws-solutions/serverless-image-handler/pull/380)
- [@ccchapman](https://github.com/ccchapman) for [#490](https://github.com/aws-solutions/serverless-image-handler/pull/490)
- [@bennet-esyoil](https://github.com/bennet-esyoil) for [#521](https://github.com/aws-solutions/serverless-image-handler/pull/521)
- [@vaniyokk](https://github.com/vaniyokk) for [#511](https://github.com/aws-solutions/serverless-image-handler/pull/511)
- [@bennet-esyoil][https://github.com/bennet-esyoil] for [#521](https://github.com/aws-solutions/serverless-image-handler/pull/521)
- [@vaniyokk][https://github.com/vaniyokk] for [#511](https://github.com/aws-solutions/serverless-image-handler/pull/511)
- [@ericbuehl](https://github.com/ericbuehl) for [#463](https://github.com/aws-solutions/serverless-image-handler/pull/463)
- [@fvsnippets](https://github.com/fvsnippets) for [#372](https://github.com/aws-solutions/serverless-image-handler/pull/372)
- [@markuscolourbox](https://github.com/markuscolourbox) for [#349](https://github.com/aws-solutions/serverless-image-handler/pull/349)
- [@madhubalaji](https://github.com/madhubalaji) for [#476](https://github.com/aws-solutions/serverless-image-handler/pull/476)
- [@nicolasbuch](https://github.com/nicolasbuch) for [#569](https://github.com/aws-solutions/serverless-image-handler/pull/569)
- [@mrnonz](https://github.com/mrnonz) for [#567](https://github.com/aws-solutions/serverless-image-handler/pull/567)
- [@ilich](https://github.com/ilich) for [#574](https://github.com/aws-solutions/serverless-image-handler/pull/574)

# License

Expand Down
2 changes: 1 addition & 1 deletion VERSION.txt
Original file line number Diff line number Diff line change
@@ -1 +1 @@
6.3.3
7.0.0
Binary file added default_architecture.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ import AdmZip from "adm-zip";
* on solution internal pipelines
*/
export class CDKAssetPackager {
constructor(private readonly assetFolderPath: string) {}
constructor(private readonly assetFolderPath: string) { }

/**
* @description get cdk asset paths
Expand Down
Binary file added object_lambda_architecture.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
3 changes: 2 additions & 1 deletion source/.eslintrc.json
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@
"jsdoc/require-returns-type": ["off"],
"jsdoc/newline-after-description": ["off"],

"import/no-unresolved": 1 // warn only on Unable to resolve path import/no-unresolved
"import/no-unresolved": 1, // warn only on Unable to resolve path import/no-unresolved
"dot-notation": "off"
}
}
2 changes: 1 addition & 1 deletion source/constructs/bin/constructs.ts
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ if (DIST_OUTPUT_BUCKET && SOLUTION_NAME && VERSION)
});

const app = new App();
const solutionDisplayName = "Serverless Image Handler";
const solutionDisplayName = "Dynamic Image Transformation for Amazon CloudFront";
const solutionVersion = VERSION ?? app.node.tryGetContext("solutionVersion");
const description = `(${app.node.tryGetContext("solutionId")}) - ${solutionDisplayName}. Version ${solutionVersion}`;
// eslint-disable-next-line no-new
Expand Down
4 changes: 2 additions & 2 deletions source/constructs/cdk.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"app": "npx ts-node --prefer-ts-exts bin/constructs.ts",
"context": {
"solutionId": "SO0023",
"solutionVersion": "custom-v6.3.3",
"solutionName": "serverless-image-handler"
"solutionVersion": "custom-v7.0.0",
"solutionName": "dynamic-image-transformation-for-amazon-cloudfront"
}
}
Loading