lambda@edge accessing lambda function via api gateway getting {"message":"Forbidden"}
I am able to access the Lambda function directly or via the custom domain with a 200 status. However, configuring a Lambda@edge function to redirect to the custom origin results in a {"message":"Forbidden"} response
The API is open so its not an authorizer issue
Here is the redirect code
'use strict';
exports.handler = (event, context, callback) => {
const request = event.Records[0].cf.request;
if (request.headers['x-ssr-token'] && request.headers['x-ssr-host'] && request.headers['x-query-string']) {
request.querystring = request.headers['x-query-string'][0].value;
request.origin = {
custom: {
domainName: 'myapi.mydomain.com',
port: 443,
protocol: 'https',
readTimeout: 20,
keepaliveTimeout: 5,
customHeaders: {},
sslProtocols: ['TLSv1', 'TLSv1.1', 'TLSv1.2'],
path: '/https%3A%2F%2F' + request.headers['x-ssr-host'][0].value
}
};
}
callback(null, request);
};It would be helpful if you could post the Lambda@Edge function code (please sanitise it, or post the relevant snippet if needed). To dynamically update the origin, your Lambda@Edge function should run on the Origin Request trigger. Sometimes it is easy to forget to update the Host header in the request to match the new origin. There are some example functions available here: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-examples.html#lambda-examples-content-based-custom-origin-request-trigger which you can refer to if needed.
Thanks for the tip, added
request.headers['host'] = [{ key: 'host', value: 'myapi.mydomain.com'}];
Now getting {"message":"Not Found"}
I've enabled logging for the API and I see logs when I access the endpoint directly or via the custom domain. However, no logs for any access via lambda@edge/Cloudfront
Relevant questions
I'm getting {"message":"Forbidden"} when trying to access my lambda from custom domain in api Gateway
asked 5 months agoLambda (private subnet) <- ingress request< - gateway
Accepted Answerasked 3 months agoInternal Server Error from API Gateway when sending queries through gateway to Lambda function connected to RDS database
asked a month agois it possible that SQS Triggers to a Lambda Function Alias?
Accepted Answerasked 3 months agoReturn Count from Lambda into the "Response Header" of the API
Accepted Answerasked 2 years agoAccess lambda in custom VPC from public API Gateway
Accepted Answerasked 4 months agocan we attach the custom domain to lambda function urls ?
Accepted Answerasked 24 days agoHow to retrieve DATETIME fields from RDS database on S3 site via API Gateway and Lambda function
asked 23 days agoCalling AWS Lambda directly
Accepted Answerasked a year agolambda@edge accessing lambda function via api gateway getting {"message":"Forbidden"}
asked a month ago