AWS Lambda@Edge debugging

Asked 4/10, 2017 at 9:16 Answered 30/10, 2018 at 9:59

Solved amazon-web-services aws-lambda amazon-cloudwatch aws-xray aws-lambda-edge

I'm currently working on a lambda@edge function. I cannot find any logs on CloudWatch or other debugging options.

When running the lambda using the "Test" button, the logs are written to CloudWatch.

When the lambda function is triggered by a CloudFront event the logs are not written.

I'm 100% positive that the event trigger works, as I can see its result.

Any idea how to proceed?

Thanks ahead,
Yossi

Caudad answered 4/10, 2017 at 9:16 Comment(0)

1) Ensure you have provided permission for lambda to send logs to cloudwatch. Below is the AWSLambdaBasicExecutionRole policy which you need to attach to the exection role which you are using for your lambda function.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "logs:CreateLogGroup",
                "logs:CreateLogStream",
                "logs:PutLogEvents"
            ],
            "Resource": "*"
        }
    ]
}

2) Lambda creates CloudWatch Logs log streams in the CloudWatch Logs regions closest to the locations where the function is executed. The format of the name for each log stream is /aws/lambda/us-east-1.function-name where function-name is the name that you gave to the function when you created it. So ensure you are checking the cloudwatch logs in the correct REGION.

Imprimis answered 4/10, 2017 at 10:58 Comment(3)

Note also that "closest to the locations where the function is executed" implies the region that is closest to the browser that is making the request to CloudFront. (Technically, "most optimal," which tends to be the region geographically closest to the browser, but not necessarily.) – Cherie 4/10, 2017 at 12:38

Thanks! It kept in the "closest to location region" CloudWatch logs. Thanks for the quick and helpful answer :) – Caudad 8/10, 2017 at 6:51

I stumbled on the whole regions thing. To emphasize to others - The logs you see in /cloudwatch/home?region=eu-central-1#logs: are not ALL your logs. You need to actively switch regions in the dropdown in the top right corner to locate the other log folders. – Repurchase 20/5, 2019 at 20:57

In case anyone finds it useful. The fact that AWS prefixes your function name, which breaks the built-in "CloudWatch at a glance" Dashboard, and that Lambda@Edge runs across multiple regions inspired me to create this CloudWatch Dashboard template that gives you similar standard monitoring for all regions in one dashboard.

Taconite answered 30/10, 2018 at 9:59 Comment(0)

Recommended topics

Hot tags