Hi,
Apart from the fact that you can troubleshoot further here: https://repost.aws/knowledge-center/api-gateway-private-cross-account-vpce, can you try to invoke the API GW as https://<api-gw-id>-<vpce-url>, as described in the “associate/disassociate” section in https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-private-apis.html?
Let me know.
I've followed those steps and I'm still getting 403 errors. I actually followed them before I posted. No matter the calling method, I always get a 403 Forbidden error when calling from the secondary account. Note, I have to use the public DNS in some cases due to non-VPC systems having to call the gateway.
UPDATE: I did just do yet another re-deploy and tried the <apiid>.execute-api.us-east-1.amazonaws.com method and it worked from within the secondary account VPC. Now I just need to make it work via the public DNS.
And now the public is working too. Maybe I forgot to re-deploy or I'm just really bad at copy pasta on Friday. Thanks alatech.