My function does not seem to ever execute on accessing my website through the cloudfront servers. Testing the function works as expected, and creates logs in cloudwatch as expected, but I have not been able to trigger the function from Cloudfront.
I followed the instructions from this blog https://levelup.gitconnected.com/nonce-based-csp-with-aws-cloudfront-ae5a6752b9b0
I'm wondering if I'm missing a permission issue or something, but I can't figure it out.
Any help is appreciated
Here are the trust relationships and permissions, respectively
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
"edgelambda.amazonaws.com",
"lambda.amazonaws.com"
]
},
"Action": "sts:AssumeRole"
}
]
}
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "logs:CreateLogGroup",
"Resource": "arn:aws:logs:xxxxx:*"
},
{
"Effect": "Allow",
"Action": [
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": [
"arn:aws:logs:xxxxx:*"
]
},
{
"Action": "s3:GetObject",
"Effect": "Allow",
"Resource": "*"
}
]
}
Thanks,
Liam