Unable to add cloudfront as trigger to lambda function

Question

Hi I've followed this instruction try to resize image with Cloudfront and lambda@edge. When I tried to test the resized image, I keep getting the error message below:

The Lambda function associated with the CloudFront distribution is invalid or doesn't have the required permissions.

So I checked the lambda functions created by cloud formation provided by the article I mentioned in the beginning, and I found there's no trigger in it.

I've tried to set it manually but getting the error message below:

CloudFront events cannot be associated with $LATEST or Alias. Choose Actions to publish a new version of your function, and then retry association.

I followed the instruction in the error message; publish, and add Cloudfront as trigger but it seems there's no way to apply it. It's still running the one without Cloudfront as the trigger.

Is there any way to set Cloudfront as trigger and make this work properly?

Answer 1

For people Googling "The Lambda function associated with the CloudFront distribution is invalid or doesn't have the required permissions":

I got that error and struggled to debug it. It turned out there were some programmatic errors inside my Lambda that I had to resolve. But, how do you debug it if, when hitting Cloudfront you keep getting "The Lambda function associated with the CloudFront distribution is invalid or doesn't have the required permissions". That, and there's nothing inside the Cloudwatch logs.

My Lambda was defined in Cloudformation inside a AWS::Lambda::Function's ZipFile attribute. I ended up going to the Lambda service inside AWS and creating a Lambda test payload corresponding to my Cloudfront event as documented here: Lambda@Edge Event Structure. Then, I could debug the Lambda inside the Lambda console without having to hit Cloudfront or having to navigate to Cloudwatch logs.