4

So I'm trying to set up a custom domain for my AWS Lambda function.

I went through all the instructions to buy a domain name via Google Domains, set up a certificate through AWS Certificate Manager, and created the corresponding Route 53 hosted zone.


For whatever reason, I unfortunately get a 403 error when I try to reach the API Gateway domain name endpoint. In this case, it's https://d-frdw0740fd.execute-api.us-east-1.amazonaws.com.

Also for context, here is my API mappings tab.

API mappings tab

For more context, here is my hosted zone in Route 53 corresponding with my custom domain name:

route 53

Instead of bringing me to a {"message": "Not Found"} page, I'd like it to bring me to my actual AWS endpoint.

Where am I going wrong in order to set up my configuration so that my API Gateway domain name is correctly linked to the functional AWS endpoint instead of just reaching a 404 error?

UPDATE: I redeployed my serverless function and now, instead of the 404 Not Found error, I get 403 Forbidden:

{
"message": "Forbidden"
}
10
  • 2
    Please redeploy your api in stage and try again Commented Nov 20, 2022 at 5:37
  • 1
    Can you also share screenshot for the api mapping tab Commented Nov 20, 2022 at 8:26
  • @RohitAgarwal thank you for the help. I did redeploy my api however now I get Forbidden instead of Not Found. At least it's a new error, but seems like there's still a configuration problem. Commented Nov 21, 2022 at 23:34
  • @VikramS thanks for the help. I added a screenshot of my API mappings tab in the question description. Also, for context, I've tried adding a path such as /test to the mapping and then hitting https://d-frdw0740fd.execute-api.us-east-1.amazonaws.com/test but I get the same result unfortunately. Commented Nov 21, 2022 at 23:36
  • @Adrien You will be able to hit your API with d-frdw0740fd.execute-api.us-east-1.amazonaws.com/dev; add the endpoint as per your deployment with HTTP method GET or POST. Add /dev after the API Gateway endpoint, as you have defined stage /dev. The endpoint will always return Forbidden as it is a better-secured response. Also, for party-poll-api.com you will need to add the Route53 mapping for the API. Commented Nov 22, 2022 at 10:50

2 Answers 2

8

Finally found the solution. I was previously trying to use the domain from Google Domains, but it's just easier doing it all through Route 53, registering a new domain, which creates a hosted domain. For context, this video was very helpful in getting me set up.

After following the steps in API Gateway to create a certificate, custom domain name, and API mapping, there's one last step where you must add an A name DNS record that maps to the custom domain you just created.

One major step that I needed to take, and that I was failing to do, was to route the traffic from my gateway API to my domain.

After doing that, I was able to successfully set up the custom domain name for the API.

Another major thing I learned was that under "Custom domain names", don't try to hit "API Gateway domain name" directly.


I tried so many times to hit this API and it was giving me that Forbidden error, but it will always give that error even when the ACTUAL custom domain is set up properly. So it is not useful to keep hitting this URL to test that the domain is working properly; instead, use the custom domain you've set up in Route 53 to test whether the setup is configured correctly.


1 Comment

I confirm, it worked out for me too. It's a pity the AWS documentation does not stress this.
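The last step from the answer above (alias A record to the custom domain, then test through the custom domain rather than the `d-…` name), written out as an added example; these are not the answerer's own commands. It assumes a configured AWS CLI v2; the function names are hypothetical, and `<YOUR_HOSTED_ZONE_ID>` is a placeholder for your own Route 53 hosted zone.

```shell
# Added example. Usage (not run automatically):
#   route_domain party-poll-api.com <YOUR_HOSTED_ZONE_ID>
#   smoke_test   party-poll-api.com /health-check

# Build the Route 53 change batch: $1 = custom domain, $2 = its
# "API Gateway domain name" (d-xxxx...), $3 = hosted zone id AWS reports for $2.
alias_change_batch() {
  cat <<EOF
{"Changes":[{"Action":"UPSERT","ResourceRecordSet":{
  "Name":"$1","Type":"A",
  "AliasTarget":{"DNSName":"$2","HostedZoneId":"$3","EvaluateTargetHealth":false}}}]}
EOF
}

# Print "<d-xxxx name> <zone id>" for custom domain $1.
alias_target() {
  aws apigatewayv2 get-domain-name --domain-name "$1" \
    --query 'DomainNameConfigurations[0].[ApiGatewayDomainName,HostedZoneId]' \
    --output text
}

# Create or refresh the alias record for custom domain $1 in your hosted zone $2.
route_domain() {
  # Unquoted on purpose: split the lookup result into two words ($3 and $4).
  set -- "$1" "$2" $(alias_target "$1")
  [ $# -eq 4 ] || { echo "could not read alias target for $1" >&2; return 1; }
  aws route53 change-resource-record-sets --hosted-zone-id "$2" \
    --change-batch "$(alias_change_batch "$1" "$3" "$4")"
}

# True when the host is an alias target name rather than a custom domain.
is_gateway_target() {
  case "$1" in
    d-*.execute-api.*.amazonaws.com) return 0 ;;
    *) return 1 ;;
  esac
}

# Print the HTTP status for https://$1$2; refuse (exit 2) to test the d-xxxx
# name, which per the answer returns Forbidden even when the setup is correct.
smoke_test() {
  if is_gateway_target "$1"; then
    echo "refusing: $1 is the alias target, test the custom domain" >&2
    return 2
  fi
  curl -s -o /dev/null -w '%{http_code}\n' "https://$1$2"
}
```
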
1

I have read your question and all the comments, and it looks like the problem is in the URL.

  • Problem

As per the problem statement, the URL [Invoke URL] 1zofmxtv82.execute-api.us-east-1.amazonaws.com/dev/health-check is working as expected, but the URL [API Gateway Domain Name] d-frdw0740fd.execute-api.us-east-1.amazonaws.com/dev/health-check is giving 403 Forbidden.

  • Solution

There is no need to use the stage name (dev) in this URL: d-frdw0740fd.execute-api.us-east-1.amazonaws.com/dev/health-check

Please try with d-frdw0740fd.execute-api.us-east-1.amazonaws.com/health-check

or try with the Route53 URL

party-poll-api.com/health-check

  • Reason

The stage name is already included in the API mapping, so there is no need to mention it again.

2 Comments

So I've tried hitting d-frdw0740fd.execute-api.us-east-1.amazonaws.com/health-check, which is what I figured would be the correct URL, but unfortunately I get back the 403 Forbidden error here.
OK, what about the Route53 URL? Is that also not working?
