
I have created an API Gateway that works. If I trigger the endpoint manually by https://example-api.amazonaws.com/Prod/some/endpoint the API gives me the desired result. Also, I have set up a CloudFront behavior to route to this endpoint whenever the path contains /api/*.

If I now visit the endpoint through the CloudFront distribution: https://xxxxxxx.cloudfront.net/some/endpoint it gives me a 404 error. CloudFront correctly appends the /prod to the path, which tells me that something is working at least.

More specifically it gives me:

```
404 Not Found
Code: NoSuchKey
Message: The specified key does not exist.
An Error Occurred While Attempting to Retrieve a Custom Error Document
```

I can see the CloudFront distribution working since it redirects correctly. I have been struggling with this for a while now. Is this error code too ambiguous to be helpful?

After doing some more digging, it seems as if the CloudFront distribution is looking in my S3 for an object with the key. So for some reason the PathPattern: /api/v1/* is not redirecting to the APIOrigin.

I have attached my CloudFormation template below:

```yaml
Resources:
  WebsiteCloudfront:
    Type: AWS::CloudFront::Distribution
    Properties:
      DistributionConfig:
        Comment: Cloudfront Distribution pointing to S3 bucket and API Gateway.
        Origins:
          - Id: S3Origin
            DomainName: bucket-for-static-files.amazonaws.com
            CustomOriginConfig:
              HTTPPort: 80
              HTTPSPort: 443
              OriginProtocolPolicy: http-only
          - Id: APIOrigin
            DomainName: example.api.endpoint.amazonaws.com
            OriginPath: /prod
            CustomOriginConfig:
              # HTTPPort: 80
              HTTPSPort: 443
              OriginProtocolPolicy: https-only
              OriginSSLProtocols:
                - TLSv1.2
        Enabled: true
        HttpVersion: 'http2'
        DefaultRootObject: index.html
        Aliases:
          - !Ref DomainName
        DefaultCacheBehavior:
          AllowedMethods:
            - DELETE
            - GET
            - HEAD
            - OPTIONS
            - PATCH
            - POST
            - PUT
          Compress: true
          # Logging: Logging
          TargetOriginId: S3Origin
          ForwardedValues:
            QueryString: true
            Cookies:
              Forward: none
          ViewerProtocolPolicy: redirect-to-https
        CacheBehaviors:
          - TargetOriginId: APIOrigin
            ViewerProtocolPolicy: https-only
            PathPattern: /api/v1/*
            ForwardedValues:
              QueryString: true
              Headers:
                - Host
            AllowedMethods:
              - DELETE
              - GET
              - HEAD
              - OPTIONS
              - PATCH
              - POST
              - PUT
        PriceClass: PriceClass_All
        ViewerCertificate:
          AcmCertificateArn: arn:aws:acm:SOME_HARD_CODED_ARN
          SslSupportMethod: sni-only
          MinimumProtocolVersion: TLSv1.2_2019
```

However, the strange part remains where the CloudFront distribution appends the /prod, making it seem as if the PathPattern correctly routes to API Gateway.

Edit: Currently thinking I might be missing Headers for the API Gateway.

Frankster
  • Your template example is incomplete. Please add the APIGW reference. – petey Nov 16 '20 at 15:21
  • Does this answer your question? [SAM Adding s3 website to API Gateway + Lambda with single custom domain name](https://stackoverflow.com/questions/60087886/sam-adding-s3-website-to-api-gateway-lambda-with-single-custom-domain-name) – petey Nov 17 '20 at 05:13
  • Ever find a solution to this issue? I am having the same one. – kamn Feb 12 '21 at 22:39

0 Answers
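An added example, not part of the original question or the poster's code: a small Python model of how CloudFront selects a cache behavior for the template in the question (first matching `PathPattern` in listed order, otherwise `DefaultCacheBehavior`) and of the path the chosen origin then receives. It is a simplified model of CloudFront's documented matching rules; the function names and the sample paths are assumptions made for illustration.

```python
import re

# Constructed from the template in the question: (PathPattern, TargetOriginId)
# in the order listed under CacheBehaviors. DefaultCacheBehavior is the fallback.
CACHE_BEHAVIORS = [("/api/v1/*", "APIOrigin")]
DEFAULT_ORIGIN = "S3Origin"
# OriginPath per origin Id; S3Origin sets none in the template.
ORIGIN_PATHS = {"S3Origin": "", "APIOrigin": "/prod"}


def strip_leading_slash(path):
    # A path pattern behaves the same with or without its leading slash.
    return path[1:] if path.startswith("/") else path


def pattern_to_regex(pattern):
    """Compile a path pattern: '*' is zero or more characters, '?' exactly one.
    Matching is case-sensitive."""
    parts = []
    for ch in strip_leading_slash(pattern):
        if ch == "*":
            parts.append(".*")
        elif ch == "?":
            parts.append(".")
        else:
            parts.append(re.escape(ch))
    return re.compile("".join(parts))


def route(request_path):
    """Return (origin_id, path_sent_to_origin) for a viewer request path."""
    origin_id = DEFAULT_ORIGIN
    candidate = strip_leading_slash(request_path)
    for pattern, target in CACHE_BEHAVIORS:
        if pattern_to_regex(pattern).fullmatch(candidate):
            origin_id = target  # first match wins
            break
    # OriginPath is prepended; the matched prefix (/api/v1) is NOT removed.
    return origin_id, ORIGIN_PATHS[origin_id] + request_path


if __name__ == "__main__":
    # Constructed sample viewer paths.
    for path in ["/some/endpoint", "/api/v1/some/endpoint", "/api/v1", "/API/v1/x"]:
        print(f"{path:28} -> {route(path)}")
```

With this model, a request only reaches `APIOrigin` when its path starts with `/api/v1/`, and the API then sees the full path, including `/api/v1`, behind the `/prod` stage prefix.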