Cloudflare 521 Error when using AWS API Gateway

Question

After deploying an API Gateway function in front of a Lambda function, and setting it up with Cloudflare, I keep getting 521 errors from Cloudflare.

I have completed all the necessary steps such as generated a certificate, created the custom domain in API Gateway, etc.

Why would I be getting a 521 error when using AWS API Gateway with Cloudflare?

Answer 1

Turns out that in Cloudflare the SSL setting must be set to Full or Full (strict). Otherwise you will get a 521 error from Cloudflare.

This is because AWS API Gateway does not allow HTTP connections and requires HTTPS connections. With HTTPS set to Off or Flexible in Cloudflare, it will not connect via HTTPS, and therefore fail to connect to AWS.

Of course it is recommended to use Full (strict) to ensure extra security on your site.