-
Hello Marcos Daniel Santos,
Thank you for reaching out and for sharing your reasoning.In this scenario, Lambda@Edge is indeed a correct choice because it allows authentication logic to run at AWS edge locations closer to users, which helps reduce login latency without requiring additional regional deployments. However, increasing the CloudFront cache hit ratio does not address the root issue, as login and authentication requests are dynamic and user-specific, and therefore are typically not cacheable by CloudFront.
Regarding origin failover, while it is commonly associated with availability and disaster recovery, it also directly impacts perceived performance in this case. The HTTP 504 errors indicate that the origin is timing out, causing users to wait longer or retry their login attempts.
By configuring a CloudFront origin group with failover, CloudFront can automatically route requests to a healthy origin when the primary origin is unresponsive, reducing timeouts and improving the overall login experience. This approach improves both reliability and user-perceived performance with minimal additional cost, which aligns with the requirements of the question.
If you have any further questions or need additional clarification, feel free to reach out anytime.
Cheers,
Irene @ Tutorials Dojo
