By using AWS re:Post, you agree to the Terms of Use

Questions tagged with Amazon API Gateway

Sort by most recent

Browse through the questions and answers listed below or filter and sort to narrow down your results.

1
answers
0
votes
34
views
asked a month ago

Cloudfront Error "IncompleteSignatureException" when accessing API Gateway Origin/Behavior

I am struggeling to get my cloudfront/apigateway setup right. I have a cloudfront with two origins pointing to the same ApiGateway but of different routes. `/*` as default should be routed to `/dev/react` and `/api/*` should be routed to `/dev/api/` on the Apigateway. `/dev/react` is a SSR Lambda rendering a react web page and `/dev/api` are my API Lambdas. The API Lambdas are protected by the Cognito Authorizer for which I am sending the Authorization header on every request. ![Origins](/media/postImages/original/IMObjSDZDsSqeOJshBizRelg) ![Behaviours](/media/postImages/original/IMBoIhWrwiQJyoxmpTHmHCZw) This works very well when I serve everything on the ApiGateway domain, no Auth errors or such, but when I try to serve/access it via the cloudfront domain I can load the react app, via the default behaviour, but when the react app calls the API endpoints I get a IncompleteSignatureException. I tried forwarding the Host header and other things, but cannot get it to work. I found this [ApiGateway403Erros](https://aws.amazon.com/premiumsupport/knowledge-center/api-gateway-troubleshoot-403-forbidden/?nc1=h_ls) page where the expl. is A request with an "Authorization" header is sent to an API resource path that doesn't exist., but I can pin point what that means for my scenario? Is my routing bad? Am i missing an alias domain on the ApiGateway? What makes cloudfront not "finding" the resources on this path? Any hints would be very much appreciated.
1
answers
0
votes
38
views
asked a month ago