AWS API Gateway {"message":"Not Found"}

Hello, I'm trying to deploy an HTTP API Gateway that routes traffic to 2 target groups on ECS using Terraform with a custom domain name, the problem is, when I run the code it creates all the resouces but when I go to https://api.example.com/service-one or https://api.example.com/service-two I get a 404 error: {"message":"Not Found"}. I found on several posts that this 404 tends to indicate an error on the routes of the API Gateway, the strange thing is, if I destroy and recreate only the api gw with "terraform destroy -target aws_apigatewayv2_api.apigateway" it starts working, without changing anything in the code. Not sure what else to try. I'll leave the API Gateway part of the code below.

resource "aws_apigatewayv2_api" "apigateway" {
  name          = "${var.project_name}-api-gateway"
  protocol_type = "HTTP"
}
# Ownership of domain name
resource "aws_apigatewayv2_domain_name" "apigateway-domain-name" {
  domain_name = "api.${var.project_name}.example.com"

  domain_name_configuration {
    certificate_arn = aws_acm_certificate.ssl_certificate.arn
    endpoint_type   = "REGIONAL"
    security_policy = "TLS_1_2"
  }
  depends_on = [aws_acm_certificate_validation.cert_validation]
}
# Domain Mapping
resource "aws_apigatewayv2_api_mapping" "api-mapping" {
  api_id      = aws_apigatewayv2_api.apigateway.id
  domain_name = aws_apigatewayv2_domain_name.apigateway-domain-name.id
  stage       = aws_apigatewayv2_stage.apigw-stage.id
}

# Service One API 
resource "aws_apigatewayv2_integration" "service-one-integration" {
  api_id             = aws_apigatewayv2_api.apigateway.id
  description        = "Service one integration with API Gateway"
  integration_type   = "HTTP_PROXY"
  integration_uri    = aws_lb_listener.service-one-lb-listener.arn
  integration_method = "ANY"
  connection_type    = "VPC_LINK"
  connection_id      = aws_apigatewayv2_vpc_link.vpc-link.id

  tls_config {
    server_name_to_verify = "api.${var.project_name}.example.com"
  }

  request_parameters = {
    "overwrite:path" = "$request.path.proxy"
  }
}

resource "aws_apigatewayv2_route" "service-one-route" {
  api_id    = aws_apigatewayv2_api.apigateway.id
  route_key = "ANY /service-one/{proxy+}"

  target = "integrations/${aws_apigatewayv2_integration.service-one-integration.id}"
  lifecycle {

    ignore_changes = [
      target,
    ]
  }
}

# Service Two API 

resource "aws_apigatewayv2_integration" "service-two-integration" {
  api_id           = aws_apigatewayv2_api.apigateway.id
  description      = "Service two integration with API Gateway"
  integration_type = "HTTP_PROXY"
  integration_uri  = aws_lb_listener.service-two-lb-listener.arn

  integration_method = "ANY"
  connection_type    = "VPC_LINK"
  connection_id      = aws_apigatewayv2_vpc_link.vpc-link.id

  tls_config {
    server_name_to_verify = "api.${var.project_name}.example.com"
  }

  request_parameters = {
    "overwrite:path" = "$request.path.proxy"
  }
}

resource "aws_apigatewayv2_route" "service-two-route" {
  api_id    = aws_apigatewayv2_api.apigateway.id
  route_key = "ANY /service-two/{proxy+}"

  target = "integrations/${aws_apigatewayv2_integration.service-two-integration.id}"
  lifecycle {

    ignore_changes = [
      target,
    ]
  }
}

#General
resource "aws_apigatewayv2_vpc_link" "vpc-link" {
  name               = "vpc-link"
  security_group_ids = [aws_security_group.public.id]
  subnet_ids         = [module.vpc.private_subnets[0], module.vpc.private_subnets[1], module.vpc.private_subnets[2]]
}

resource "aws_apigatewayv2_stage" "apigw-stage" {
  api_id      = aws_apigatewayv2_api.apigateway.id
  name        = "$default"
  auto_deploy = false
  lifecycle {
    ignore_changes = [
      deployment_id,
    ]
  }
}


#####

resource "aws_apigatewayv2_deployment" "apigw" {
  api_id      = aws_apigatewayv2_api.apigateway.id
  description = "Terraform managed deployment of the proxy routes"
  lifecycle {
    create_before_destroy = true
  }
  depends_on    = [aws_apigatewayv2_route.service-one-route, aws_apigatewayv2_route.service-two-route]
}

resource "null_resource" "update_routes" {
  provisioner "local-exec" {
    command = "aws apigatewayv2 update-route --api-id ${aws_apigatewayv2_api.apigateway.id} --route-id ${aws_apigatewayv2_route.service-one-route.id} --target integrations/${aws_apigatewayv2_integration.service-one-integration.id}"
  }
  provisioner "local-exec" {
    command = "aws apigatewayv2 update-route --api-id ${aws_apigatewayv2_api.apigateway.id} --route-id ${aws_apigatewayv2_route.service-two-route.id} --target integrations/${aws_apigatewayv2_integration.service-two-integration.id}"
  }
  provisioner "local-exec" {
    command = "aws apigatewayv2 create-deployment --api-id ${aws_apigatewayv2_api.apigateway.id} --stage ${var.environment}"
  }
    depends_on    = [aws_apigatewayv2_deployment.apigw]
}

Austin M
un anno fa
Could it be that the "null_resource" "update_routes" is overriding your deployment changes? Have you tried removing that resource?

Argomenti

Serverless Front-end web e dispositivi mobili Networking e distribuzione di contenuti

Tag

Gateway API di Amazon Amazon Route 53 Equilibratore di carico applicazioni Terraform

Lingua

English

Guille

posta un anno fa121 visualizzazioni

Nessuna risposta

Più recenti
Maggior numero di voti
Maggior numero di commenti

Contenuto pertinente

Come creare un'integrazione privata utilizzando un Application Load Balancer interno per un’API HTTP di Gateway Amazon API?
AWS UFFICIALEAggiornata 2 anni fa
Come faccio a configurare un nome di dominio personalizzato per la mia API Gateway API?
AWS UFFICIALEAggiornata 2 anni fa
How do I access a private API Gateway API when the VPC endpoint uses an on-premises DNS?
AWS UFFICIALEAggiornata 3 anni fa
Come posso passare i dati attraverso REST API del gateway API a una funzione Lambda back-end oppure a un endpoint HTTP?
AWS UFFICIALEAggiornata 2 anni fa