amazon-web-services aws-lambda amazon-cloudfront aws-lambda-edge

Using a Lambda function with a CloudFront distribution located in a different AWS account


I am wondering if a Lambda function located in AWS account A can be used with a CloudFront distribution located in AWS account B. When I try, I get the following error. This leads me to think that it is probably not possible. But maybe it is a permission problem.

com.amazonaws.services.cloudfront.model.InvalidLambdaFunctionAssociationException: The CloudFront distribution under account 999999888888 cannot be associated with a Lambda function under a different account: 999999666666. Function: arn:aws:lambda:us-east-1:999999666666:function:cf_test_lambda:2 (Service: AmazonCloudFront; Status Code: 400; Error Code: InvalidLambdaFunctionAssociation;

Solution

  • AWS CloudFront only allows a Lambda function in the same account to be attached. It's not related to permissions. It's the basic behaviour of the CloudFront service. However, you can create a Lambda in the same account and use that to invoke a Lambda in the other one. You can give it a try if it suits your needs. Maybe this can help. Can an AWS Lambda function call another
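
The proxy approach suggested in the answer, sketched as an added example (not code from the question or the answer). It uses the account IDs and function ARN from the error message above; the role name `edge-proxy-role` is hypothetical, and the target function is assumed to return a Lambda@Edge-shaped request or response. The proxy's role also needs an identity policy allowing `lambda:InvokeFunction` on the same ARN.

```python
import json

# From the error on this page: the target function lives in account 999999666666.
TARGET_ARN = "arn:aws:lambda:us-east-1:999999666666:function:cf_test_lambda"
TARGET_VERSION = "2"
# Hypothetical execution role of the proxy function in the CloudFront account.
PROXY_ROLE_ARN = "arn:aws:iam::999999888888:role/edge-proxy-role"

_client = None


def grant_invoke(lambda_client):
    """Run once with account 999999666666 credentials: resource-based policy.

    The principal is a single role, not the whole account, and the grant
    covers one published version only.
    """
    return lambda_client.add_permission(
        FunctionName=TARGET_ARN,
        Qualifier=TARGET_VERSION,
        StatementId="AllowEdgeProxyInvoke",
        Action="lambda:InvokeFunction",
        Principal=PROXY_ROLE_ARN,
    )


def _default_client():
    global _client
    if _client is None:
        import boto3  # lazy import: the module loads without the SDK present
        _client = boto3.client("lambda", region_name="us-east-1")
    return _client


def handler(event, context, lambda_client=None):
    """Proxy deployed in account 999999888888 and attached to the distribution."""
    client = lambda_client or _default_client()
    try:
        resp = client.invoke(
            FunctionName=TARGET_ARN,
            Qualifier=TARGET_VERSION,
            InvocationType="RequestResponse",
            Payload=json.dumps(event).encode(),
        )
        if resp.get("FunctionError"):
            raise RuntimeError(resp["FunctionError"])
        return json.loads(resp["Payload"].read())
    except Exception:
        # Fail closed: do not forward the request if the remote function did not run.
        return {"status": "502", "statusDescription": "Bad Gateway"}
```
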