Lambda Edge in Origin request does not trigger at edge location but at regional edge location even when behaviour caching policy is CachingDisabled

Question

I am not sure if this is intended, is a default behaviour, has a configuration or possibly a hack. I have some requests originating from within the Saudia Arabia and UAE region, and a frontend and backend that sit under the same domain through cloud front and i handle the routing through the path pattern where the website sits on a s3 behind one pattern and the other path pattern sends requests to the backend. Before sending the request to backend, however, an Edge Lambda  is invoked as a reverse proxy and path rewriter. However, when i check Function Metrics from under Cloud Front Telemetry Monitoring for the Edge Lambda, i see that nearly all of the invocations lie in Frankfurt or Ireland. Based on the map here https://aws.amazon.com/cloudfront/features/?whats-new-cloudfront.sort-by=item.additionalFields.postDateTime&whats-new-cloudfront.sort-order=desc i would expect the invocations to be within the Saudia/UAE region and but instead i see the invocations in the Frankfurt region from where it is then sent to the backend which is at Mumbai leading to a longer trip. On searching up a bit I found that there is a concept of Regional Edge Locations as well which act as the second layer of cache after the edge location and all my invocations lie there. To somehow get the Lambdas to trigger at the edge locations instead of regional i tried setting the Cache Policy to CacheDisabled, legacy cache settings to All Headers and some hacks like setting the max age and expire headers in the api requests but the invocations consistently lie at their previous locations.

Accepted Answer

Hello,

For simple operation you can try to leverage Cloudfront functions which operates at edge.
You can get support from this blog which details the difference with lambda and it could help you to find a solution.

https://aws.amazon.com/blogs/aws/introducing-cloudfront-functions-run-your-code-at-the-edge-with-low-latency-at-any-scale/

Answer

Lambda@edge are invoked at 'Regional Edge Cache'[1], and the 'Regional Edge Cache' might not be the same location as the 'PoP'. 
Therefore, a possible alternative is to have your logic run in CloudFront Functions, which would be invoked in the 'PoP' where the traffic lands. ( Just like 'AWS-User-7455027' mentions)

You may also check the following article to understand more about them.
- Customizing at the edge with functions - Choosing between CloudFront Functions and Lambda@Edge - https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/edge-functions.html#edge-functions-choosing

[1] https://aws.amazon.com/blogs/aws/introducing-cloudfront-functions-run-your-code-at-the-edge-with-low-latency-at-any-scale/
```
Lambda@Edge functions are executed in a regional edge cache (usually in the AWS region closest to the CloudFront edge location reached by the client)
```

Answer

I am assuming you are talking about Origin Edge Lambdas.
 
You should do below:
1. Setup Origin Shield on the Origin in the Cloudfront
2. Mark the origin region for the origin shield as UAE
Henceforth all origin lambda executions would be triggered in the UAE region. This is because Origin Shield forces all Origin Lambda calls to execute at the shield origin region

Lambda Edge in Origin request does not trigger at edge location but at regional edge location even when behaviour caching policy is CachingDisabled

Relevant content