1 minute read

This past week I struggled for a couple of hours debugging an issue with a lambda@edge function for our company’s website.

The function, attached to the Viewer request event on our Cloudfront distribution, is in charge of prerendering our SPA for SEO purposes. To do this, it reads the User-Agent from the request and, if the request is from a bot, it returns a 302 with the location of the prerender service.

After searching online for what may have been wrong, I just gave up for the moment and did everything from scratch again to see if it would start working; it did, so I called it a day. Ever since then it’s been on my mind and today I figured it out.

Turns out that the issue was with the function’s associated role.

This is what I did the first:

  • Created a lambda function
  • AWS created the role and permissions and assigned it to the function
  • Realized that I made a mistake, I can’t exactly remember what, so I deleted the function
  • Create a new lambda function and assigned it the existing role, the one created in a previous step

After redoing everything on a personal AWS account, step by step, I remembered that during the new lambda function setup, I just assigned the previously created role to this new function without realizing that I needed to change the role’s resources inside the permissions policies. I kind of knew that it must have been something related to permissions but realized until now what the issue was.

So future reference for me, double check the permissions, it’s probably something there.

Updated:

You May Also Enjoy