allowing CORS in AWS Lambda

[ciskoh]

I am trying deployment on aws lambda with zappa following the tutorial. I need to enable CORS for tiles and apparently this is not working.

I have edited zappa_settings as follows:

[development.aws_environment_variables]   
    TC_DRIVER_PATH = "s3://xxx-xxx-xxx/xx.sqlite"
    TC_DRIVER_PROVIDER = "sqlite-remote" 
    TC_REPROJECTION_METHOD = "linear"
    TC_RESAMPLING_METHOD = "average"
    TC_XRAY_PROFILE = "true" 
    TC_ALLOWED_ORIGINS_TILES = '["*"]'

However when I do terracotta connect {address of lambda} I still cannot see any image and through the developer tool I see an error:

Access to fetch at 'xxxx' from origin 'http://127.0.0.1:5100' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

Is there anything extra I have to set up on the api gateway or lambda configuration?

[dionhaefner]

@j08lue @panakouris you got any experience with this?

[ciskoh]

To add more info the deployment works well with zappa and if I check the lambda function I do have the correct environment variable (it seems):

but when I do terracotta connect {my_lambda_address/development/ I see no images and the developer tools in the browser show this

[dionhaefner]

What does $ curl --head <yoururl>/development/datasets give you?

[ciskoh]

What does $ curl --head <yoururl>/development/datasets give you?

HTTP/2 200
content-type: application/json
content-length: 3946
date: Thu, 19 Jan 2023 11:06:44 GMT
x-amzn-requestid: 3489d7df-7b26-46bd-90d1-b740f146dc7e
access-control-allow-origin: *
x-amzn-remapped-content-length: 3946
x-amz-apigw-id: e_KayHvEFiAFSBQ=
x-amzn-trace-id: Root=1-63c92444-4c634562438e1c90616679a4;Sampled=1
x-cache: Miss from cloudfront
via: 1.1 110750d14d1d900cd5c76d0ac872f5dc.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: YYTX7s8TRpV4qs3hHZxAM4ec2JAyxJC0yGYi6hgFH76sU8iUW9odSA==

[ciskoh]

I got some advancements: I had to set CORS in the s3 bucket where both the sqlite db and the images are.
This allows the tiles to work in terracotta connect. However I am still receiving a No CORS error if I look in the developer tools (see image above). will further test with mapbox and report here.

@dionhaefner does the header look good for you?

[j08lue]

Have not worked with a deployment in a while, but it used to work well out of the box to Zappa-deploy to Lambda and then terracotta connect to that. I am aware that this does not help...

For debugging CORS issues, a catch is, though, that error responses (500 or 400) do not set CORS headers. So if your request triggers an error response, you will get a CORS error in your client, which obscures the actual issue. You can look into the Lambda logs for seeing whether the original request failed.

I had to set CORS in the s3 bucket where both the sqlite db and the images are.

Why would you have to do that? It is still just the Lambda connecting to those, not the client, no?

[dionhaefner]

Header looks good, you can see that CORS is set:

access-control-allow-origin: *

So it's probably what @j08lue said: The lambda is throwing an error which doesn't set CORS. Please check the logs for exceptions.

[ciskoh]

Why would you have to do that? It is still just the Lambda connecting to those, not the client, no?

Yes only the lambda connects to s3. Cannot really explain this, but its thew only thing that worked in a 4 day struggle.

[dionhaefner]

If you want to debug this further it could also be helpful if you could share the original requests that failed (which you blacked out in your screenshot). You can censor the endpoint URL of course.