[apigateway] SpecRestAPI `x-amazon-apigateway-endpoint-configuration` not usable for private API initial deployment


It is not possible to use the swagger/openAPI x-amazon-apigateway-endpoint-configuration option in conjunction with the private endpointType.

If you specify a vpce in the endpoint configuration, you get the following:

VPCEndpoints can only be specified with PRIVATE apis. (Service: AmazonApiGateway; Status Code: 400; Error Code: BadRequestException; Request ID: a2a6cebc-7004-4884-9398-0b83a384b49c)
	new SpecRestApi (/Users/ismael.martinez/projects/bitbucket/BIP/draw/draw-scheduler/node_modules/@aws-cdk/aws-apigateway/lib/restapi.ts:486:22)
...

If you deploy the stack without the x-amazon-apigateway-endpoint-configuration, it does create a usable and private API Gateway, but the vpce is not defined in the ‘Settings - Endpoint configuration’ section.

If you then deploy the stack again with the x-amazon-apigateway-endpoint-configuration, it does work, so this issue is only related to the initial creation of the API Gateway.

Reproduction Steps

Using the following code:

const api = new apigateway.SpecRestApi(this, 'ExampleRestApi', {
  apiDefinition: apigateway.ApiDefinition.fromInline(swaggerInline),
  endpointTypes: [apigateway.EndpointType.PRIVATE],
});

Where the swagger inline is as shown:

{
    "openapi": "3.0.1",
    "servers": [
        {
            "x-amazon-apigateway-endpoint-configuration": {
                "vpcEndpointIds": [
                    "${PPL::VPCId}"
                ]
            }
        }
    ],
    "paths": {
        "/example": {
            "get": {
                "responses": {
                    "200": {
                        "description": "200 response",
                        "content": {
                            "application/json": {
                                "schema": {
                                    "$ref": "#/components/schemas/200Response"
                                }
                            }
                        }
                    },
                    "400": {
                        "description": "400 response",
                        "content": {
                            "application/json": {
                                "schema": {
                                    "$ref": "#/components/schemas/400Response"
                                }
                            }
                        }
                    },
                    "404": {
                        "description": "404 response",
                        "content": {
                            "application/json": {
                                "schema": {
                                    "$ref": "#/components/schemas/404Response"
                                }
                            }
                        }
                    },
                    "500": {
                        "description": "500 response",
                        "content": {
                            "application/json": {
                                "schema": {
                                    "$ref": "#/components/schemas/500Response"
                                }
                            }
                        }
                    }
                },
                "x-amazon-apigateway-integration": {
                    "uri": "${PPL::LambdaAliasArn}",
                    "responses": {
                        "default": {
                            "statusCode": "200"
                        }
                    },
                    "passthroughBehavior": "when_no_match",
                    "httpMethod": "POST",
                    "contentHandling": "CONVERT_TO_TEXT",
                    "type": "aws_proxy"
                }
            }
        }
    },
    "components": {
        "schemas": {
            "200Response": {
                "type": "object",
                "properties": {
                    "message": {
                        "type": "string"
                    }
                }
            },
            "400Response": {
                "type": "object",
                "properties": {
                    "errors": {
                        "type": "array",
                        "items": {
                            "$ref": "#/components/schemas/Error"
                        }
                    }
                }
            },
            "404Response": {
                "$ref": "#/components/schemas/Error"
            },
            "500Response": {
                "$ref": "#/components/schemas/Error"
            },
            "Error": {
                "type": "object",
                "properties": {
                    "errorCode": {
                        "type": "string"
                    },
                    "message": {
                        "type": "string"
                    }
                }
            }
        }
    },
    "x-amazon-apigateway-policy": {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Principal": "*",
                "Action": [
                    "execute-api:Invoke",
                    "execute-api:GET"
                ],
                "Resource": "arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:*",
                "Condition": {
                    "StringEquals": {
                        "aws:sourceVpce": "${PPL::VPCId}"
                    }
                }
            }
        ]
    }
}

Where the PPL::VPCId is the endpoint id and the PPL::LambdaAliasArn is the lambda alias arn.

We substitute those values dynamically but I don’t think that is the issue.

What did you expect to happen?

I would expect to get a private API Gateway with the vpce defined in the ‘Settings - Endpoint configuration’ section.

What actually happened?

The deployment fails with the following message:

VPCEndpoints can only be specified with PRIVATE apis. (Service: AmazonApiGateway; Status Code: 400; Error Code: BadRequestException; Request ID: a2a6cebc-7004-4884-9398-0b83a384b49c)
	new SpecRestApi (/Users/ismael.martinez/projects/bitbucket/BIP/draw/draw-scheduler/node_modules/@aws-cdk/aws-apigateway/lib/restapi.ts:486:22)
...

Environment

  • CLI Version : 1.57.0
  • Framework Version: 1.57.0
  • Node.js Version: 10.22.0
  • OS : MAC 10.15.6
  • Language (Version): TypeScript (3.8.2)

Other


This is 🐛 Bug Report

Issue Analytics

  • State: closed
  • Created 3 years ago
  • Reactions: 5
  • Comments: 7 (1 by maintainers)

Top GitHub Comments

4 reactions
nija-at commented, Aug 17, 2020

This requires investigation into how to correctly use the x-amazon-apigateway-endpoint-configuration option in the OpenAPI definition.

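3 reactions
rishavpaul commented, Mar 30, 2021

import { ApiDefinition, CfnRestApi, EndpointType, SpecRestApi } from '@aws-cdk/aws-apigateway';
const api = new SpecRestApi(this, 'ExampleRestApi', {
  apiDefinition: ApiDefinition.fromInline(swaggerInline),
});
// Set the endpoint configuration directly on the underlying CfnRestApi resource
(api.node.defaultChild as CfnRestApi).endpointConfiguration = {
  types: [EndpointType.PRIVATE],
  vpcEndpointIds: [ 'xyz' ],
};

Is a workaround until the above is implemented for anyone else facing the same issue.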
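
A pre-deploy check for the kind of definition shown in the issue, as an added example that is not part of the original issue or its comments: it flags vpcEndpointIds without the PRIVATE endpoint type, placeholders left unsubstituted, Allow statements with no aws:sourceVpce condition, and associated endpoints the resource policy does not allow. The function names, finding texts and the sample endpoint ID are assumptions.

```typescript
// Added example, not code from the issue. Names and finding texts are hypothetical.
type Json = Record<string, any>;
const EP_KEY = "x-amazon-apigateway-endpoint-configuration";
const POLICY_KEY = "x-amazon-apigateway-policy";
const asArray = (v: any): any[] => (v === undefined ? [] : Array.isArray(v) ? v : [v]);
// Values of the aws:sourceVpce condition key (condition key names are case-insensitive).
function sourceVpces(stmt: Json): string[] {
  const eq: Json = stmt.Condition?.StringEquals ?? {};
  let out: string[] = [];
  for (const k of Object.keys(eq)) {
    if (k.toLowerCase() === "aws:sourcevpce") out = out.concat(asArray(eq[k]));
  }
  return out;
}

function lintPrivateApiSpec(spec: Json, endpointTypes: string[]): string[] {
  const findings: string[] = [];
  // The issue's spec carries the extension under servers[]; the top level is checked too.
  let associated: string[] = [];
  for (const holder of [spec].concat(asArray(spec.servers))) {
    associated = associated.concat(asArray(holder[EP_KEY]?.vpcEndpointIds));
  }
  if (associated.length > 0 && endpointTypes.indexOf("PRIVATE") < 0) {
    findings.push("vpcEndpointIds set but endpoint type is not PRIVATE");
  }
  let allowed: string[] = [];
  asArray(spec[POLICY_KEY]?.Statement).forEach((stmt: Json, i: number) => {
    if (stmt.Effect !== "Allow") return;
    const vpces = sourceVpces(stmt);
    if (vpces.length === 0) findings.push(`statement ${i}: Allow without aws:sourceVpce condition`);
    allowed = allowed.concat(vpces);
  });
  for (const id of associated.concat(allowed)) {
    if (id.indexOf("${") >= 0) findings.push(`unsubstituted placeholder: ${id}`);
    else if (!/^vpce-/.test(id)) findings.push(`not a VPC endpoint id: ${id}`);
  }
  for (const id of associated) {
    if (allowed.indexOf(id) < 0) findings.push(`associated endpoint not allowed by policy: ${id}`);
  }
  return findings;
}

// Constructed sample modelled on the issue's definition, with the placeholder left in the policy.
const sampleSpec: Json = {
  servers: [{ [EP_KEY]: { vpcEndpointIds: ["vpce-0example"] } }],
  [POLICY_KEY]: { Statement: [{ Effect: "Allow", Principal: "*", Action: "execute-api:Invoke",
    Condition: { StringEquals: { "aws:sourceVpce": "${PPL::VPCId}" } } }] },
};
console.log(lintPrivateApiSpec(sampleSpec, ["PRIVATE"]));
```

Run it against the definition after placeholder substitution, passing the same endpoint types given to SpecRestApi; an empty result means none of the four conditions was found.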
