AWS API Gateway {"message":"Not Found"}

Hello, I'm trying to deploy an HTTP API Gateway that routes traffic to 2 target groups on ECS using Terraform with a custom domain name, the problem is, when I run the code it creates all the resouces but when I go to https://api.example.com/service-one or https://api.example.com/service-two I get a 404 error: {"message":"Not Found"}. I found on several posts that this 404 tends to indicate an error on the routes of the API Gateway, the strange thing is, if I destroy and recreate only the api gw with "terraform destroy -target aws_apigatewayv2_api.apigateway" it starts working, without changing anything in the code. Not sure what else to try. I'll leave the API Gateway part of the code below.

resource "aws_apigatewayv2_api" "apigateway" {
  name          = "${var.project_name}-api-gateway"
  protocol_type = "HTTP"
}
# Ownership of domain name
resource "aws_apigatewayv2_domain_name" "apigateway-domain-name" {
  domain_name = "api.${var.project_name}.example.com"

  domain_name_configuration {
    certificate_arn = aws_acm_certificate.ssl_certificate.arn
    endpoint_type   = "REGIONAL"
    security_policy = "TLS_1_2"
  }
  depends_on = [aws_acm_certificate_validation.cert_validation]
}
# Domain Mapping
resource "aws_apigatewayv2_api_mapping" "api-mapping" {
  api_id      = aws_apigatewayv2_api.apigateway.id
  domain_name = aws_apigatewayv2_domain_name.apigateway-domain-name.id
  stage       = aws_apigatewayv2_stage.apigw-stage.id
}

# Service One API 
resource "aws_apigatewayv2_integration" "service-one-integration" {
  api_id             = aws_apigatewayv2_api.apigateway.id
  description        = "Service one integration with API Gateway"
  integration_type   = "HTTP_PROXY"
  integration_uri    = aws_lb_listener.service-one-lb-listener.arn
  integration_method = "ANY"
  connection_type    = "VPC_LINK"
  connection_id      = aws_apigatewayv2_vpc_link.vpc-link.id

  tls_config {
    server_name_to_verify = "api.${var.project_name}.example.com"
  }

  request_parameters = {
    "overwrite:path" = "$request.path.proxy"
  }
}

resource "aws_apigatewayv2_route" "service-one-route" {
  api_id    = aws_apigatewayv2_api.apigateway.id
  route_key = "ANY /service-one/{proxy+}"

  target = "integrations/${aws_apigatewayv2_integration.service-one-integration.id}"
  lifecycle {

    ignore_changes = [
      target,
    ]
  }
}

# Service Two API 

resource "aws_apigatewayv2_integration" "service-two-integration" {
  api_id           = aws_apigatewayv2_api.apigateway.id
  description      = "Service two integration with API Gateway"
  integration_type = "HTTP_PROXY"
  integration_uri  = aws_lb_listener.service-two-lb-listener.arn

  integration_method = "ANY"
  connection_type    = "VPC_LINK"
  connection_id      = aws_apigatewayv2_vpc_link.vpc-link.id

  tls_config {
    server_name_to_verify = "api.${var.project_name}.example.com"
  }

  request_parameters = {
    "overwrite:path" = "$request.path.proxy"
  }
}

resource "aws_apigatewayv2_route" "service-two-route" {
  api_id    = aws_apigatewayv2_api.apigateway.id
  route_key = "ANY /service-two/{proxy+}"

  target = "integrations/${aws_apigatewayv2_integration.service-two-integration.id}"
  lifecycle {

    ignore_changes = [
      target,
    ]
  }
}

#General
resource "aws_apigatewayv2_vpc_link" "vpc-link" {
  name               = "vpc-link"
  security_group_ids = [aws_security_group.public.id]
  subnet_ids         = [module.vpc.private_subnets[0], module.vpc.private_subnets[1], module.vpc.private_subnets[2]]
}

resource "aws_apigatewayv2_stage" "apigw-stage" {
  api_id      = aws_apigatewayv2_api.apigateway.id
  name        = "$default"
  auto_deploy = false
  lifecycle {
    ignore_changes = [
      deployment_id,
    ]
  }
}


#####

resource "aws_apigatewayv2_deployment" "apigw" {
  api_id      = aws_apigatewayv2_api.apigateway.id
  description = "Terraform managed deployment of the proxy routes"
  lifecycle {
    create_before_destroy = true
  }
  depends_on    = [aws_apigatewayv2_route.service-one-route, aws_apigatewayv2_route.service-two-route]
}

resource "null_resource" "update_routes" {
  provisioner "local-exec" {
    command = "aws apigatewayv2 update-route --api-id ${aws_apigatewayv2_api.apigateway.id} --route-id ${aws_apigatewayv2_route.service-one-route.id} --target integrations/${aws_apigatewayv2_integration.service-one-integration.id}"
  }
  provisioner "local-exec" {
    command = "aws apigatewayv2 update-route --api-id ${aws_apigatewayv2_api.apigateway.id} --route-id ${aws_apigatewayv2_route.service-two-route.id} --target integrations/${aws_apigatewayv2_integration.service-two-integration.id}"
  }
  provisioner "local-exec" {
    command = "aws apigatewayv2 create-deployment --api-id ${aws_apigatewayv2_api.apigateway.id} --stage ${var.environment}"
  }
    depends_on    = [aws_apigatewayv2_deployment.apigw]
}

Austin M
vor einem Jahr
Could it be that the "null_resource" "update_routes" is overriding your deployment changes? Have you tried removing that resource?

Themen

Serverlos Frontend-Web & Mobile Vernetzung & Bereitstellung von Inhalten

Relevanter Inhalt

Wie kann ich ein SAW-Runbook verwenden, um Fehler bei meinem benutzerdefinierten Domainnamen in API Gateway zu beheben?
AWS OFFICIALAktualisiert vor einem Jahr
Wie übergebe ich Daten über eine API-Gateway-REST-API an eine Backend-Lambda-Funktion oder einen HTTP-Endpunkt?
AWS OFFICIALAktualisiert vor 2 Jahren
Wie kann ich einen benutzerdefinierten Domainnamen für meine API Gateway-API einrichten?
AWS OFFICIALAktualisiert vor 2 Jahren
Wie behebe ich API-HTTP-504-Timeout-Fehler mit API Gateway?
AWS OFFICIALAktualisiert vor einem Jahr