You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The default for Nextjs lambdas is 'auth type: None'. In this case, a policy 'FunctionURLAllowPublicAccess' is attached to the lambdas@edge (imageOptimisation and defaultFunction). After deploying this, and then changing to 'auth type: IAM', a re-deployment will not remove the default policy 'FunctionURLAllowPublicAccess'.
Equally, if the initial deployment specified 'auth type: IAM' for the lambdas@edge then the policy 'FunctionURLAllowPublicAccess' is not created (great! this works as expected). But, changing to 'auth type: None' on a redeployment will not create and attach the 'FunctionURLAllowPublicAccess' policy to the lambdas. To fix this, I need to remove the stage entirely, and deploy from scratch.
ps - loving the tool, great work is being done here!
The text was updated successfully, but these errors were encountered:
I did a quick test. I changed auth type from none to iam, and I can see the FunctionURLAllowPublicAccess policy isn't getting removed (verified the issue). However I get {"Message":"Forbidden"} when accessing the URL. The function URL is not publicly accessible. Is this still an issue?
The default for Nextjs lambdas is 'auth type: None'. In this case, a policy 'FunctionURLAllowPublicAccess' is attached to the lambdas@edge (imageOptimisation and defaultFunction). After deploying this, and then changing to 'auth type: IAM', a re-deployment will not remove the default policy 'FunctionURLAllowPublicAccess'.
Equally, if the initial deployment specified 'auth type: IAM' for the lambdas@edge then the policy 'FunctionURLAllowPublicAccess' is not created (great! this works as expected). But, changing to 'auth type: None' on a redeployment will not create and attach the 'FunctionURLAllowPublicAccess' policy to the lambdas. To fix this, I need to remove the stage entirely, and deploy from scratch.
ps - loving the tool, great work is being done here!
The text was updated successfully, but these errors were encountered: