使用 AWS re:Post 即表示您同意 AWS re:Post 使用條款
AWS re:Postre:Post

lambda@edge accessing lambda function via api gateway getting {"message":"Forbidden"}

0

I am able to access the Lambda function directly or via the custom domain with a 200 status. However, configuring a Lambda@edge function to redirect to the custom origin results in a {"message":"Forbidden"} response

The API is open so its not an authorizer issue

Here is the redirect code

'use strict';
exports.handler = (event, context, callback) => {
     const request = event.Records[0].cf.request;
     if (request.headers['x-ssr-token'] && request.headers['x-ssr-host'] && request.headers['x-query-string']) {
       request.querystring = request.headers['x-query-string'][0].value;
       request.origin = {
           custom: {
               domainName: 'myapi.mydomain.com',
               port: 443,
               protocol: 'https',
               readTimeout: 20,
               keepaliveTimeout: 5,
               customHeaders: {},
               sslProtocols: ['TLSv1', 'TLSv1.1', 'TLSv1.2'],
               path: '/https%3A%2F%2F' + request.headers['x-ssr-host'][0].value
               }
       };
    }
    callback(null, request);
};
主題
無伺服器運算前端網頁與行動裝置網路與內容交付
標籤
AWS LambdaAmazon API GatewayAmazon CloudFrontLambda@Edge
語言
English
RazBal
已提問 2 年前檢視次數 1219 次
2 個答案
1

It would be helpful if you could post the Lambda@Edge function code (please sanitise it, or post the relevant snippet if needed). To dynamically update the origin, your Lambda@Edge function should run on the Origin Request trigger. Sometimes it is easy to forget to update the Host header in the request to match the new origin. There are some example functions available here: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-examples.html#lambda-examples-content-based-custom-origin-request-trigger which you can refer to if needed.

AWS
專家
Paul_L
已回答 2 年前
0

Thanks for the tip, added request.headers['host'] = [{ key: 'host', value: 'myapi.mydomain.com'}]; Now getting {"message":"Not Found"}

I've enabled logging for the API and I see logs when I access the endpoint directly or via the custom domain. However, no logs for any access via lambda@edge/Cloudfront

RazBal
已回答 2 年前

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南

相關內容