Is this possible?
I am building a ecommerce site that requires calling external api service built on HTTP.
My site is built on AWS EBS, with django(backend) and angular2(frontend).
If I try to call the HTTP api from angular side, mixed-contents errors pops up, which is apparently the chrome browser blocking the call.
Is there a way to do this? I found this answer regarding proxy, but because I'm a newbie, I don't really get how to I can proxy the call with django or angular. Thanks.
Since your application is serving the content over HTTPS, its a must to access other resources also through HTTPS to solve the mixed content issue. The best way to approach is to use a proxy. For that you can either setup a proxy manually using EC2 or using a managed service like AWS CloudFront or AWS API Gateway depending on the nature of the resources you access.
If its a REST API use API Gateway and if its more of content (JS, CSS, HTML and other files & etc.) use CloudFront.
Related
I've been wasting about 12 hours going in circles in what seems like this:
I am trying to just make a simple static landing page in lambda and hook the root of a domain to it.
The landing page works, but api gateway didn't because AWS doesn't seem to set permissions properly by default ("internal server error" with API gateway and lambda on AWS) but now the gateway link works.
So the next steps were the following:
add a custom domain name in the api gateway
add the api mapping in the custom domain name
in route 53, create a wildcard certificate with *.domain.com and domain.com
create an A record that points to the api gateway with domain.com
create a CNAME record that points to the A record
and I get an error 403 with absolutely nothing in the log. I log both 'default' and '$default' stages in the api gateway.
I read https://aws.amazon.com/premiumsupport/knowledge-center/api-gateway-403-error-lambda-authorizer/ which is all about looking at what's in the logs...
and I find the doc is both everywhere and nowhere because it's built as chunks of 'do this' and 'do that' without ever painting a whole picture of how each piece is connected to the other, or any graph with the hierarchy of services, etc. Reminds me of code that works only when you follow the example documented and breaks otherwise.
I'm sure I'm doing something wrong, but given the lack of logs and lack of cohesive documentation, I have no idea about the problem.
Not to mention that http doesn't even connect, just https.
Can anyone outline the steps needed to achieve this? essentially: [http|https]://(www).domain.com -> one lambda function
You cannot use API Gateway for an HTTP request; it only supports HTTPS.
From the Amazon API Gateway FAQs (emphasis mine):
Q: Can I create HTTPS endpoints?
Yes, all of the APIs created with Amazon API Gateway expose HTTPS endpoints only. Amazon API Gateway does not support unencrypted (HTTP) endpoints. By default, Amazon API Gateway assigns an internal domain to the API that automatically uses the Amazon API Gateway certificate. When configuring your APIs to run under a custom domain name, you can provide your own certificate for the domain.
You can use CloudFront to automatically redirect HTTP to HTTPS. How do I set up API Gateway with my own CloudFront distribution? provides a pretty simple walkthrough of connecting an API Gateway to CloudFront (you can skip the API Gateway portion and use the one you created). The important thing you'll need to do that is not in that document is to select Redirect HTTP to HTTPS.
If you truly need HTTP traffic you're probably going to need to go with an ALB.
I'm new to AWS and I'm in the process of deploying an app there. I already hosted my frontend in S3 and cloudfront and generated a certificate in order to serve my frontend with https. Now I need to provide access to my backend. I already created the proper structure in EC2 and I can even retrieve info from my backend through simple http. The problem is that once my frontend is https and my backend is http it refuses to receive info thowing an error for "mixed content".
I already read a lot of articles from AWS and yet I'm confused on how to implement https in ec2.
I've created load balancers, VPC and etc, but I really can't make it work.
If anyone can help me with , I'd be thankful!
I'm working on this site that I'm hosting with AWS. I'm hosting a vue.js frontend in an S3 bucket and the backend utilizes Spring Boot hosted with Elastic Beanstalk and a MySQL RDS instance. After playing around some, I got the frontend to serve up files via HTTPS, but now my requests to the Spring API are failing.
I've done a lot of digging on this and it seems that are may be several ways to handle this, but I just keep getting stuck and not knowing where to turn next. I've tried playing around with setting up a load balancer, and also tried configuring a proxy in a .ebextensions configuration file.
This whole thing was working when I set it up with HTTP originally, but now that the front-end is serving up HTTPS it won't work.
Web browsers must be blocking your mixed HTTP/HTTPs content because of their inbuilt security. You need to make sure that you setup the whole site using HTTPs or HTTP. As you have already set up the S3 content to be served through HTTPs, now you must configure your Elastic Beanstalk environment to be setup with HTTPs too. Here is the link to help you with that
Configuring HTTPS for Your Elastic Beanstalk Environment
If your site is built with a CRM? (WordPress/Joomla/ect.) then there are plugins/extensions that handle that. I had a similar situation with a WordPress site, and used the plug-in called "SSL Insecure Content Fixer". Worked without a hitch, rather than scanning through the entire site for mixed HTTP/HTTPs content.
I'm curious whether is possible to load a web page via AWS lambda functions.
I mean, I would like to open a webpage like www.something.com/home which makes a request to the AWS lambda function which will open/get resources from www.i-would-like-to-hide-this-url.com/home, but the URL should remain www.something.com/home.
So can I use AWS as a proxy for the case above?
Yes you can do it with CloudFront using custom Origin. It will work as a reverse proxy for your customers.
A custom origin is an HTTP server, for example, a web server. The HTTP server can be an Amazon Elastic Compute Cloud (Amazon EC2) instance or an HTTP server that you manage privately. An Amazon S3 origin configured as a website endpoint is also considered a custom origin.
When you use a custom origin that is your own HTTP server, you specify the DNS name of the server, along with the HTTP and HTTPS ports and the protocol that you want CloudFront to use when fetching objects from your origin.
Using Amazon EC2 or Other Custom Origins
Or you can do it with ELB and a reverse proxy on EC2. But in this case you will be responsible for this reverse proxy.
Maybe it is even possible to do it with lambda if you code the "reverse proxy" solution, but I guess it is not exaclty recommended.
Typically you host the static assets (html/js/css/img) in S3, you front Lambda with API Gateway, and your web page makes HTTP/Rest requests to API Gateway which forwards them to your Lambda. Lambda itself does not typically serve the static assets. If you need SSL then you add CloudFront. Example here.
I am trying to separate frontend and backend parts. I deployed frontend to S3 bucket (https) and I have a backend on elasticbeanstalk (with http://***.elasticbeanstalk.com). Since both are development environments I won't buy domain for them and I am looking for a best idea how to make it works together.
HTTPS frontend and HTTP backend doesn't work, because of mixed content
and I can't get HTTPS on *.elasticbeanstalk.com (I would need to have my own domain)
Only idea I see is probably API GATEWAY, but:
I am not sure if It would be possible to use HTTPS there
I would be hard do deploy changes I think
I have quite nice build backend structure and using gateway would ruin that
Maybe some with bigger experience suggest me something?