
Amazon HTTP API gateway not working via VPC Link [closed]

I have a Fargate ECS task which is under an ALB and everything is working fine. Since this ALB is internal, I want to expose it via the new HTTP API Gateway via VPC link for HTTP API.

I have created the new VPC link for HTTP API (specifying the security group and subnets for the internal ALB), and created HTTP API Gateway and connected it to the VPC link + ALB.

I am trying to map specific routes (and {proxy+} as well in other cases), but it seems that I am getting,

{
  "message": "Service Unavailable"
}

on the correct links.

(On non-existent URLs, I get 404, as expected.) I also tried this with an internet-facing ALB (connecting it via VPC link as well, for testing purposes only), but it seems this is again the case.

I even tested it with an NLB with the HTTP API VPC link, and still got the same behavior.

Any idea if this even works? (Since it is in the UI, I assume it does?)

UPDATE: It seems that it works only in the default stage. For the other stages I have created (dev and beta), I get 404.

To me, it seems that since the URLs for dev and beta are /dev and /beta, the load balancer is 'getting confused'.

sem10 asked Apr 03 '20 13:04


2 Answers

VPC Link needs to be in a private subnet (most likely because of NAT Gateways). If you place it in public subnets, it will result in 503 errors, which might be your case as well.

Tailor888 answered Nov 06 '22 04:11


HTTP APIs don't perform URL mapping like the original REST APIs. For HTTP APIs, API Gateway just passes the path that it gets in the curl/invoke:

If you pass /foo in the URL the backend should have a resource /foo

If you pass /foo/bar in the URL the backend should have a resource /foo/bar

For the older VPC Links you could use the URL to map

/foo -> /bar/baz

That could be the reason for the 404s.

As for the 503 Service unavailable, take a look at the access logs of the ALB and see if any connections from API Gateway are received. It's likely the request is being routed to the default instead of any custom ALB rules you may have defined. This will lead your request to an incorrect target group causing 503s if the targets are not healthy or missing.

Suraj Bhatia answered Nov 06 '22 03:11
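
The access-log check suggested in the answer above, as an added example (not code from the original answer): it parses ALB access log lines and flags requests that hit the default rule, returned 503 with no target, or arrived with a stage name as the first path segment. The log lines, ARN prefix and host names are constructed; the stage names `dev` and `beta` are taken from the question.

```python
import shlex
from urllib.parse import urlsplit

STAGES = ("dev", "beta")  # stage names from the question
TG = "arn:aws:elasticloadbalancing:us-east-1:111111111111:targetgroup/"  # constructed

# Constructed ALB access log lines, in the documented field order,
# trimmed after the actions_executed field.
SAMPLE_LOGS = [
    f'http 2020-04-03T13:04:01.000000Z app/internal-alb/0a1b2c 10.0.1.15:41000 10.0.2.20:8080 '
    f'0.001 0.004 0.000 200 200 120 310 "GET http://alb.internal.example:80/users HTTP/1.1" '
    f'"constructed-agent" - - {TG}app/aaaa "Root=1-00000001" "-" "-" 10 2020-04-03T13:04:01.000000Z "forward"',
    f'http 2020-04-03T13:04:02.000000Z app/internal-alb/0a1b2c 10.0.1.15:41002 - '
    f'-1 -1 -1 503 - 120 150 "GET http://alb.internal.example:80/dev/users HTTP/1.1" '
    f'"constructed-agent" - - {TG}empty/bbbb "Root=1-00000002" "-" "-" 0 2020-04-03T13:04:02.000000Z "forward"',
    f'http 2020-04-03T13:04:03.000000Z app/internal-alb/0a1b2c 10.0.1.15:41004 10.0.3.30:8080 '
    f'0.001 0.003 0.000 404 404 120 200 "GET http://alb.internal.example:80/orders HTTP/1.1" '
    f'"constructed-agent" - - {TG}other/cccc "Root=1-00000003" "-" "-" 0 2020-04-03T13:04:03.000000Z "forward"',
]

def parse_line(line):
    """Pull the fields needed for triage out of one ALB access log line."""
    f = shlex.split(line)  # honours the quoted request / user-agent fields
    _method, url, _proto = f[12].split(" ")
    return {"target": f[4], "elb_status": f[8], "target_status": f[9],
            "path": urlsplit(url).path,
            "rule_priority": f[20]}  # 0 means the default rule was used

def diagnose(entry):
    """Return the conditions from the answer that this request exhibits."""
    findings = []
    if entry["path"].strip("/").split("/")[0] in STAGES:
        findings.append("stage-prefix-in-path")  # path was forwarded unchanged
    if entry["rule_priority"] == "0":
        findings.append("default-rule")  # no custom listener rule matched
    if entry["elb_status"] == "503" and entry["target"] == "-":
        findings.append("503-no-target")  # ALB had no target to send to
    return findings

def report(lines):
    return [(e["path"], e["elb_status"], diagnose(e)) for e in map(parse_line, lines)]

if __name__ == "__main__":
    for row in report(SAMPLE_LOGS):
        print(row)
```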