AWS Lambda Function URL

feature image

AWS Lambda is a serverless compute service which can work with other AWS services in a private AWS environment. It is very powerful and low cost but it does not have a public URL for public to invoke the function. So we must use API Gateway as a frontend then pass the request to Lambda, before 2022-04-06.

Since 2022-04-06, AWS announced the AWS Lambda Function URL that you can call the Lambda function with a unique URL without API Gateway.

Teach One To Fish – Tutorial

Go to Lambda service -> create a new function -> Runtime: Node.js 16.x

In the Code Source area, copy the code from .

exports.handler = (event, context, callback) => {
   const response = {
    statusCode: 301,
    headers: {
      Location: '',

  return callback(null, response);

Remember to click the Deploy button. (If you see “Changes not deployed”, that’s mean you have not clicked yet.). Then you should see the green notice at the top “Successfully updated the function redirect-url.”

Then go to Configuration tab -> click “Create function URL” button.

In “Auth type”, if it is a public function, then you should choose “NONE”. If it is a private function, you should use “AWS_IAM”.

If you want to bind to your own domain by setting CNAME in DNS, then you should check “Configure cross-origin resource sharing (CORS)”. Else, you can leave it blank.

Click Save. Then you will see a Function URL.

If you set “Auth type” to none, then you should be able to open the Function URL, and redirect to

If you set “Auth type” to “AWS_IAM”, then you will see an error – “{“Message”:”Forbidden”}”.

AWS_IAM Auth type

If you choose AWS_IAM Auth type, then you need to submit your Access Key and Secret Key (AKSK) to Lambda Function as well. You cannot do this in browser, so you can use a web form or Postman ( to do it.


Open Postman app, on the right hand side, you can set the Environment Variable by clicking “No Environment”. Then set “AccessKey” and “SecretKey” these 2 variables.

Then on the left hand menu, choose “New”. Then choose “HTTP Request” Building Blocks.

Change to “POST” method. Copy and paste the Lambda Function URL. In the “Auth” tab, Change the type to “AWS Signature”. In the input field, add {{AccessKey}} and {{SecretKey}} so it gets the values from the environmental variable.

Click Send. You can see the result at the bottom.