Cloudfront 404 error API Gateway Origin

0

This is my API gateway. It works as expected with invocation URL. As in it gets a response from the lambda. Name of my stage is also stage so my invocation URL looks like: <apigw-id>.execution-api.<region>.amazonaws.com/stage This is my apigw integration screen: here This is my cloud front distro: here This is all the origin behavior: here This is the api/upload-url path origin behaviour: here This is the origin: here This is when I make request to apigw invocation url: here This is the same request via cloudfront: here

Note how there is apigw-requestid in the response header of the cloudfront request but it actually doesn't show up in the access log of the api gateway.

3 Answers
5

Hello,

To fix this, you need to use Lambda@Edge:

Lambda@Edge Function: Create a Lambda@Edge function that adjusts the URI path of incoming requests to prepend /<stage> (e.g., /stage/<path>).

Attach Lambda@Edge: Associate this function with the CloudFront distribution's Origin Request event. This ensures CloudFront modifies the URI path before sending requests to API Gateway.

Testing: After setup, test requests through CloudFront to ensure they reach API Gateway with the correct URI path (/<stage>/<path>).

This approach ensures requests forwarded by CloudFront match API Gateway’s expected URI format, resolving the 404 errors you're encountering.

profile picture
EXPERT
answered 5 months ago
0

This is probably happening because CloudFront is not adjusting the URI path when it forwards the request to your API Gateway Origin. This means that API Gateway receives requests that look like this:

https://d-xxx.execute-api.<region>.amazonaws.com/api/upload-url

Setting up API Gateway and CloudFront is discussed here, but your case requires an extra step to rewrite the URI.

You'll need a Lambda@Edge function attached to the Origin Request trigger to modify the URI path of your requests. Some examples are available here which you should be able to modify to suit your use case.

You won't be able to use CloudFront Functions to do this, because it will cause the requests to be rewritten before CloudFront selects the behavior.

AWS
EXPERT
answered 5 months ago
  • why is origin path in origin behavior not working?

  • i tried as you said, this is my function:

    def handler(event, context):
        request = event["Records"][0]["cf"]["request"]
        uri = request["uri"]
        stage = "stage/"
    
        request["uri"] = f"{stage}"
    
        print("Request has been modified from: ", uri, " to: ", request["uri"])
        
        return request
    
    

    still getting the same error

0

I think you're right: the origin path /stage that you specified as the origin path should be getting added at the beginning of the request path. When you request /api/upload-url/ from CloudFront, the origin should be receiving the path /stage/api/upload-url/

I might be missing something really obvious, but in the screenshot of the successful request directly to API Gateway, the requested path seems to be just /stage and not /stage/api/upload-url/, so the URL is different from the CloudFront test.

If you set the API Gateway to expect the URL path /stage/api/upload-url/, then your current CloudFront setup would work when called with the path https[:]//cloudfront-distro-url.domain.name/api/upload-url/

EXPERT
answered 5 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions