Alesi Rowland

Reputation: 441

503 Lambda execution error on all but initial load

Data Engineer here trying to understand SecOps

I am creating a Lambda@Edge function for my CloudFront distribution using the following guide:

https://levelup.gitconnected.com/nonce-based-csp-with-aws-cloudfront-ae5a6752b9b0

injecting the following CSP:

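const { randomBytes } = require("crypto");

// Build a CSP header value with a fresh random nonce for each response.
function generateCsp() {
    // 16 random bytes, base64-encoded, used as the per-response nonce.
    const nonce = randomBytes(16).toString("base64");
    return {
        csp: `object-src 'none'; script-src 'nonce-${nonce}' 'unsafe-inline' 'strict-dynamic' https:;`,
        nonce,
    };
}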

When calling the domain, I see that the security policy has a nonce, implying the Lambda@Edge function has correctly fired. But when a user tries to sign in (via the auth0-react hook), I am met with a 503 and a Lambda execution error. I tried this previously when I was already signed in and it appeared to work for the main resource, but failed on URLs with a resource path attached.

I've tried testing the Lambda and inspecting its logs. On testing in the console, I receive logs and a successful 200, but when using the site I do not see any logs regardless of whether it appears to have run. I'm assuming this means that my issue is not with my Lambda but with how I've chosen to configure it against CloudFront/with the CSP being generated.

What are some next logical steps for me to take to get to the bottom of this? My guess is that there is something wrong with my security policy and CloudFront is not allowing the Lambda@Edge function to run, but I've also known about CSPs for all of a day so could do with some advice on debugging them.

Happy to provide more code/infra setup, however there's quite a bit of it and I'm not sure which piece would be the most useful to share.

Upvotes: 0

Views: 30
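
A CSP is enforced by the browser, so one check that can be made independently of the Lambda execution error is whether the policy format shown in the question matches the script tags it is served with. The following is an added example, not code from the question or the linked guide; `parseScriptSrc`, `auditNonces` and the sample policy and HTML are constructed for illustration.

```javascript
// Added example: audit a nonce-based CSP against the HTML it is served with.
// parseScriptSrc and auditNonces are hypothetical helper names.
function parseScriptSrc(csp) {
  // Split the policy into directives and return the script-src source list.
  for (const directive of csp.split(";")) {
    const [name, ...sources] = directive.trim().split(/\s+/);
    if (name.toLowerCase() === "script-src") return sources;
  }
  return [];
}

function auditNonces(csp, html) {
  const sources = parseScriptSrc(csp);
  const nonces = sources
    .map((s) => /^'nonce-(.+)'$/.exec(s))
    .filter(Boolean)
    .map((m) => m[1]);
  const strictDynamic = sources.includes("'strict-dynamic'");
  // CSP3 browsers ignore 'unsafe-inline' once a nonce is present, and ignore
  // scheme/host sources such as https: once 'strict-dynamic' is present.
  // Those sources only act as fallbacks for older browsers.
  const ignored = sources.filter(
    (s) =>
      (s === "'unsafe-inline'" && nonces.length > 0) ||
      (strictDynamic && !s.startsWith("'"))
  );
  // Every <script> tag in the markup needs a nonce that matches the header.
  const blocked = [];
  for (const m of html.matchAll(/<script\b([^>]*)>/gi)) {
    const attr = /\bnonce=["']?([^"'\s>]+)/i.exec(m[1]);
    if (!attr || !nonces.includes(attr[1])) blocked.push(m[0]);
  }
  return { nonces, ignored, blocked };
}

// Constructed sample: a policy in the question's format and a small HTML body.
const sampleCsp =
  "object-src 'none'; script-src 'nonce-abc123==' 'unsafe-inline' 'strict-dynamic' https:;";
const sampleHtml = `<html><head>
<script nonce="abc123==" src="/static/js/main.js"></script>
<script>window.inline = true;</script>
<script nonce="stale-nonce">console.log("nonce does not match header")</script>
</head></html>`;

console.log(auditNonces(sampleCsp, sampleHtml));
```

Scripts listed under `blocked` are the ones a CSP3 browser would refuse to run and report as violations in its console.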

Answers (0)
