This API Gateway resource policy troubleshooting guide is based on "How API Gateway resource policies affect authorization workflow" - https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-authorization-flow.html. How to use this guide: 1. Identify the authorization workflow applicable to your use case. 2. Based on the authorization workflow and whether the API is accessed from the same account or cross-account, refer to Table A …
Category: API Gateway
Build APIs with Amazon API Gateway
I am happy to announce my first course on Building APIs with Amazon API Gateway on Udemy. This is my attempt to increase awareness and adoption of the Amazon API Gateway service and to build support and expertise across the global community. I am aiming to add more and more content and support related to Amazon API Gateway …
Understanding TLS Protocol
This article will help you understand the TLS protocol and the differences between its various versions. What is TLS? Transport Layer Security, abbreviated as TLS, is a cryptographic protocol designed to provide secure communication between web browsers and servers. TLS is the successor of the Secure Sockets Layer (SSL) protocol. Sometimes, TLS is also referred to as SSL. The …
Minimum TLS version for API Gateway
The APIs created with Amazon API Gateway expose HTTPS endpoints only. API Gateway doesn't support unencrypted (HTTP) endpoints. TLS offers multiple versions, and it is recommended to use the later versions of the TLS protocol as they offer more security features. Therefore, it is a common requirement to enforce a minimum TLS version on API Gateway. …
Amazon API Gateway 504 : Execution failed due to a network error communicating with endpoint
Amazon API Gateway 504 : Execution failed due to a network error communicating with endpoint could be caused by networking problems with the integration. Such errors can be seen in VPC Link Private Integration and HTTP Integration. Common reasons for Amazon API Gateway 504 : Execution failed due to a network error communicating with endpoint: 1.) …
Enable API Gateway CloudWatch Logs
API Gateway CloudWatch logs can help in troubleshooting issues related to request execution or client access to your API. This blog explains how to enable CloudWatch Logs for troubleshooting an API Gateway REST API or WebSocket API. Execution Logs vs Access Logs: There are two types of API Gateway CloudWatch logs: Execution logs …
API Gateway General SSLEngine error
API Gateway General SSLEngine error is a common error in the API Gateway private integration (VPC Link) and HTTP Integration. In both of these integrations the endpoint can be HTTPS and, as a requirement, the backend target must return a certificate trusted by certificate authorities supported by API Gateway. Here is a list of certificate authorities …
Troubleshooting API Gateway Private API
This article focuses on troubleshooting API Gateway Private APIs. The following are the common causes of restricted access to a Private API: connectivity issues due to incorrectly configured Amazon VPC security groups or NACL rules; the invoke URL for the private API; permission-related issues due to the API Gateway resource policy and VPC endpoint policy. Before you start troubleshooting API Gateway …
500 Internal Server Error with Mock Integration
With Mock Integration in Amazon API Gateway, there are 2 common reasons for a 500 Internal Server Error. Check the mapping template in the Integration Request and ensure that you are passing statusCode as an integer to the MOCK Integration endpoint. { "statusCode": <Integer_Status_code> } Note: Make sure that the status code is passed as an integer, not a string. Correct …
API Gateway : Error when creating Custom Domain Name : The certificate provided must be issued by ACM and not imported
Amazon API Gateway supports certificate-based mutual Transport Layer Security (TLS) authentication. Mutual TLS authentication requires two-way authentication between the client and the server. When using Custom Domain Names for API Gateway and enabling mutual TLS on a custom domain name, there is a restriction, as mentioned in the AWS documentation: To enable mutual TLS, your domain …