Mock Api returning 403 Forbidden when calling it from a lambda function

0

I am trying to use HttpClient from apache to call my mock api from inside a lambda function. When doing this I get a 403 Forbidden error returned. My mock api works when I use Postman and from within a unit test. The API Key is not required. I am not using a WAF for this API. Other APIs (not aws) work using the HttpClient from apache, but I am not sure if that is related. How can I solve this so my mock api returns what it is supposed to instead of this Forbidden error?

2 Answers
0

The 403 Forbidden error indicates that the server understood the request, but it refuses to authorize it. This status is similar to 401 (Unauthorized), but indicates that the client must authenticate itself to get the requested response.

profile picture
EXPERT
answered 3 months ago
  • In my method request settings, the Authorization is NONE for my mock api. What kind of authentication would I need to give ?

0

Hello,

I understand that you are observing 403 forbidden when calling the api endpoint using the apache client from inside the Lambda function. However, the mock integration works when you try to call it from postman.

Kindly note that API endpoint returns 403 forbidden in various scenarios for example when when the caller used an API key that's not valid for a method that requires an API key, the request is blocked by web application firewall, the caller's request URL includes a stage that doesn't exist, the caller uses the default execute-api endpoint to invoke a REST API after deactivating the default endpoint. However, I understand that you are not using any api key or WAF on the API.

Please find the complete details on troubleshooting 403 forbidden in the well-curated document here:

[+] https://repost.aws/knowledge-center/api-gateway-troubleshoot-403-forbidden

Additionally, if the Lambda function is inside a VPC, kindly confirm if Private DNS enabled on the execute-api VPC Endpoint in the same VPC as the Lambda function. This is another reason why you could be observing forbidden error on while trying to make the request to the API endpoint. To mitigate this issue, you can try removing the VPC endpoint if that is not being used by you or set up edge-optimized custom domain names or regional custom domain names to connect to your public APIs. Please find the complete details on the same here:

[+] https://repost.aws/knowledge-center/api-gateway-vpc-connections

If you require additional assistance , I would recommend you to reach out to AWS Premium Support by raising a Support Case using the same account with all the information.

AWS
Vastav
answered 3 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions