lambda@edge accessing lambda function via api gateway getting {"message":"Forbidden"}

0

I am able to access the Lambda function directly or via the custom domain with a 200 status. However, configuring a Lambda@Edge function to redirect to the custom origin results in a {"message":"Forbidden"} response.

The API is open, so it's not an authorizer issue.

Here is the redirect code:

'use strict';
exports.handler = (event, context, callback) => {
    const request = event.Records[0].cf.request;
    if (request.headers['x-ssr-token'] && request.headers['x-ssr-host'] && request.headers['x-query-string']) {
        request.querystring = request.headers['x-query-string'][0].value;
        request.origin = {
            custom: {
                domainName: 'myapi.mydomain.com',
                port: 443,
                protocol: 'https',
                readTimeout: 20,
                keepaliveTimeout: 5,
                customHeaders: {},
                sslProtocols: ['TLSv1', 'TLSv1.1', 'TLSv1.2'],
                path: '/https%3A%2F%2F' + request.headers['x-ssr-host'][0].value
            }
        };
    }
    callback(null, request);
};
2 Answers
1

It would be helpful if you could post the Lambda@Edge function code (please sanitise it, or post the relevant snippet if needed). To dynamically update the origin, your Lambda@Edge function should run on the Origin Request trigger. Sometimes it is easy to forget to update the Host header in the request to match the new origin. There are some example functions available here: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-examples.html#lambda-examples-content-based-custom-origin-request-trigger which you can refer to if needed.

AWS
EXPERT
Paul_L
answered 2 years ago
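
The origin-request rewrite this answer describes, with the Host header set to the new origin, as an added example that is not code from the question, the answer or the AWS documentation. The allowlist `ALLOWED_SSR_HOSTS`, its `www.example.com` entry, the helper names, the TLSv1.2-only setting and the 403 for unlisted hosts are assumptions added here as hardening of the client-supplied `x-ssr-host` value.

```javascript
'use strict';
// Added example. ALLOWED_SSR_HOSTS and its entry are hypothetical values.
const ORIGIN_DOMAIN = 'myapi.mydomain.com';             // custom origin from the question
const ALLOWED_SSR_HOSTS = new Set(['www.example.com']); // assumed allowlist

// Return the first value of a CloudFront header, or undefined if it is absent.
function headerValue(headers, name) {
    const entry = headers[name];
    return entry && entry.length > 0 ? entry[0].value : undefined;
}

// Rewrite an origin-request event's request so it is sent to the custom origin.
function rewriteToCustomOrigin(request) {
    const headers = request.headers;
    const ssrHost = headerValue(headers, 'x-ssr-host');
    const query = headerValue(headers, 'x-query-string');
    if (!headerValue(headers, 'x-ssr-token') || !ssrHost || query === undefined) {
        return request; // not an SSR request: keep the configured origin
    }
    // x-ssr-host is client-controlled and ends up in the origin path, so only
    // allowlisted hosts are accepted; anything else gets a generated 403.
    const host = ssrHost.toLowerCase();
    if (!ALLOWED_SSR_HOSTS.has(host)) {
        return { status: '403', statusDescription: 'Forbidden', body: 'x-ssr-host not allowed' };
    }
    request.querystring = query;
    request.origin = {
        custom: {
            domainName: ORIGIN_DOMAIN,
            port: 443,
            protocol: 'https',
            readTimeout: 20,
            keepaliveTimeout: 5,
            customHeaders: {},
            sslProtocols: ['TLSv1.2'], // narrowed from the question's list (assumption)
            path: '/' + encodeURIComponent('https://' + host),
        },
    };
    // The Host header must match the new origin's domain name.
    headers.host = [{ key: 'host', value: ORIGIN_DOMAIN }];
    return request;
}

// Lambda@Edge entry point; attach it to the Origin Request trigger.
const handler = async (event) => rewriteToCustomOrigin(event.Records[0].cf.request);
if (typeof exports !== 'undefined') exports.handler = handler;
```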
0

Thanks for the tip, added request.headers['host'] = [{ key: 'host', value: 'myapi.mydomain.com'}]; now getting {"message":"Not Found"}.

I've enabled logging for the API and I see logs when I access the endpoint directly or via the custom domain. However, there are no logs for any access via Lambda@Edge/CloudFront.

RazBal
answered 2 years ago
