简体繁体 English

AWS CloudFront 为 us-east-1 以外的区域返回 503

[英]AWS CloudFront returns 503 for regions other than us-east-1

原文 2020-07-07 04:43:20 3 1 amazon-web-services/ aws-lambda/ amazon-cloudfront/ aws-lambda-edge

I am trying to configure a cloudfront distribution with a lambda@Edge function linked to the origin request event.我正在尝试使用链接到源请求事件的 lambda@Edge function 配置云端分发。 The lambda edge returns a very basic html page (the code is based on this example: Serving Static Content (Generated Response) ). lambda 边返回一个非常基本的 html 页面（代码基于此示例： Serving Static Content (Generated Response) ）。 Once deployed, the distribution works as expected in locations close to North Virginia region, but fails in other locations returning the following error:部署后，分布在靠近北弗吉尼亚地区的位置按预期工作，但在其他位置失败，返回以下错误：

503: The Lambda function associated with the CloudFront distribution was throttled. 503：与 CloudFront 分配关联的 Lambda function 被限制。 We can't connect to the server for this app or website at this time.我们目前无法连接到此应用或网站的服务器。 There might be too much traffic or a configuration error.可能有太多流量或配置错误。 Try again later, or contact the app or website owner.请稍后再试，或联系应用或网站所有者。 If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.如果您通过 CloudFront 向客户提供内容，您可以通过查看 CloudFront 文档找到解决问题并帮助防止此错误的步骤。

I already tried looking at the logs, but nothing is logged in cloudwatch when the 503 error is thrown and the logs from the CF distribution shows the lambdalimitExceeded error.我已经尝试查看日志，但是当抛出 503 错误并且来自 CF 分发的日志显示lambdalimitExceeded错误时，cloudwatch 中没有记录任何内容。

I have been jumping around between different locations using a VPN and I find it strange that it only works for places close to us-east-1 region.我一直在使用 VPN 在不同的位置之间来回跳跃，我发现它只适用于靠近 us-east-1 地区的地方很奇怪。 I am creating all the resources using a federated account, I don't know if it could be related to IAM permissions.我正在使用联合帐户创建所有资源，我不知道它是否与 IAM 权限有关。

Another thing to point out is that everything works as expected if I reproduce the same scenario using another aws account and a regular user.需要指出的另一件事是，如果我使用另一个 aws 帐户和普通用户重现相同的场景，一切都会按预期工作。

1 个解决方案

If you're seeing the lambdalimitExceeded then you need to review the following for your Lambda@Edge function:如果您看到lambdalimitExceeded ，那么您需要为您的 Lambda@Edge function 查看以下内容：

The number of function executions exceeded one of the quotas (formerly known as limits) that Lambda sets to throttle executions in an AWS Region (concurrent executions or invocation frequency). function 执行的数量超过了 Lambda 设置的配额（以前称为限制）之一，以限制 AWS 区域中的执行（并发执行或调用频率）。
The function exceeded the Lambda function timeout quota. function 超过了 Lambda function 超时配额。

Remember that Lambda@Edge is executed closer to the user, if you try to retrieve external resources (to the region) then you may timeout due to geographical latency, can you increase the timeout more to account for this?请记住，Lambda@Edge 是在离用户更近的地方执行的，如果您尝试检索外部资源（到该区域），那么您可能会由于地理延迟而超时，您是否可以增加超时来解决这个问题？

Do you have other Lambdas running in the regions where it is running?您是否有其他 Lambda 在其运行的区域运行？ If you view the CloudWatch logs for one of the regions closer to the users edge location you will see these Lambda logs and hopefully be able to identify the root cause.如果您查看靠近用户边缘位置的区域之一的 CloudWatch 日志，您将看到这些 Lambda 日志，并希望能够确定根本原因。 If not then add more debugging in.如果没有，则添加更多调试。