I created a "hello world" lambda function and then deployed it to an end-point using AWS's API Gateway:
All very much basic settings but I was sure to change the security to "open" and while i was told that it could take up for 15 minutes for the domain to resolve I found that even after 30 I was getting the following response from the "open" end-point:
{"message":"Missing Authentication Token"}
Am I missing something obvious? Shouldn't this have been available with what I did?
Note, it was pointed out that this image is of a PUT not a GET. I tried both and both came back errors. Just to check I've run GET and PUT through Postman and get a similar but not identical response:
and then GET ...
When I test the lambda function in the console it runs successfully but running it in the API Gateway it gives me a different articulation of the same error:
Tue Sep 29 20:57:43 UTC 2015 : Execution failed due to configuration error: Invalid permissions on Lambda function
and yet I used the default permissions that the console suggested. The lambda function itself is very basic and can be found here: code
I was having the exact some problem today. Whatever I did didn't work but finally figured out. turns out in order for the changes to take effect, you need to Deploy API.
So first go to Resources and click on Deploy API button. It will ask for a deployment stage. Once deployed I could call my API without any issues.
I know it's been a while since you posted the question, but thought it might come in handy for other people as well.
I had this same issue with a deployed API that was being hit frequently around midday the requests would stop working and fail with { Missing Authentication Token }
My issue was not the URL or a stage that was not deployed but I do know AWS throws that error for both of those reasons.
However I found a command to invalidate the cache of apigateway because in my case I was using a custom domain attached to cloudfront.
aws apigateway flush-stage-cache --rest-api-id 97y41psdkg --stage-name dev
After running this I stopped getting the { Missing Authentication Token }
You need to use "AWS Signature" under the Authorization tab in Postman. See this AWS guide on what to enter into those fields:
http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-use-postman-to-call-api.html
Please use your resource name end of your api URL.
https://***********.execute-api.us-east-1.amazonaws.com/Stag/number
Here number is my resource name
Related
I am extremely new with APIs and can not figure this out.
I have a use case where I want to call the AWS EC2 Rest API over https to start an instance from a Launch Template. I am using "RunInstances" 1 to attempt this. I have scrolled through the document and included all of the required parameters.
I then added "ImageId" to the test and got a good run (no issues with authentication, etc). The default instance was created.
The issue is that I cannot figure out how to get the API to accept the "LaunchTemplate" option. I either get "The parameter LaunchTemplate is not recognized" or a "400 - bad request" error.
In postman I have:
Postman Screenshot with the RunInstances call set up and the full URL visable
This is the link to the "LaunchTemplateSpecification" object documentation (linked from 1 also) 3
Can someone help me figure out how to construct the API request for the "LaunchTemplate" parameter?
Also, my web searches have not revealed HTTPS (web url) examples only CLI examples (none for this paramater in the docs either). If someone found a link that I could not, please send it my way.
Thanks!
#stdunbar was correct so far as the LaunchTemplate.LaunchTemplateName parameter was concerned.
I submitted a case to AWS support and received a response. I was missing a "version" parameter.
The correct parameter set is as follows:
https://us-east-1.ec2.amazonaws.com/?
Action=RunInstances&
MaxCount=1&
MinCount=1&
LaunchTemplate.LaunchTemplateName=Testing-Template&
Version=2016-11-15
Here is an updated Image of Postman (for learners like me) 1
I am trying to create an integration between EC2-ALB and Lambda functions and in a part of my code I am trying to use the method:
modify_listener() documentation available here: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/elbv2.html#ElasticLoadBalancingv2.Client.modify_listener
in that part I am using the DefaultAction: FixedResponseConfig where I am trying to display a simple hello world on html. the way this gets triggered in the code is, if my target group is unhealthy display the fixed response permissions have been setup everything looks fine because when I run the function I get a successful message but when I ask for the application from my okta portal I don't get that response (hello world) I get a normal 503 service temporary unavailable.
How can I direct that fixed response to the frontend of the app when is not working? the purpose of this is to display a maintenance page when the target group is down.
Thanks for the responses please feel free to make any question.
You can't customize ALB's error messages through fixed response. Instead you should consider two options:
use CloudFront in front of your ALB to setup Custom Error Page for Specific HTTP Status Codes
use Route53 DNS failover when your ALB becomes unhealthy.
I am having trouble with setting up CORS on AWS API-Gateway.
To provide a bit of background, CORS on API_gateway supports 6 fields as below.
Access-Allow-Control-Origin - supports 'https://www.example.com', '*', 'https://*', and 'http://*'
I got this from https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html
When I try '*' and 'https://www.domain-name.com', I get the following errors:
I am not sure what format to follow. Also, the '*' seems to be referenced in various links.
Any help greatly appreciated.
If you have enabled cors on your api gateway, the next place to look is the application code such as lambda.
Make sure the Lambda is returning the correct cross origin headers in both successful and failure scenarios. please check if your code is returning cross origin headers all the time.
To troubleshoot,
Method 1:
Check if the request is reaching the lambda from the cloud watch logs. You can find some useful information such as exceptions thrown by the code.
Method 2:
Point the Api gateway target to the Mock integration type. If the mock integration works, then the problem is the application code. otherwise the problem is in your api gateway end point.
Also note that any headers you use should be white listed in the Access-Control-Allow-headers section when you enable to cors for your method/resource.
I followed the process from this video : here
I created the Lambda function, and the API, and when I am testing in the API Gateway editor, it is working properly. Giving status 200 and correct output.
Here when I deployed I gave the url + /opencv as said in the video, but the browser doesn't give any output and gave the result site not reachable.
I also tried without the resource /opencv and when I run the url which I get after deployment I get {"message":"Missing Authentication Token"} error.
So, how am I able to get the output while testing in the AWS tool as shown in the picture above but after deployment I am not able to get. What am I missing?
Check Your Stages under Resources and verify the URL and try to create a new stage. i just followed the same steps and i can see it is working fine. In order to reproduce, i deleted the Stage and verified it gives me the error which you have mentioned. So try to reproduce the steps again by creating a new stage under resources as it will enable you to have auto new URL and then verify. Incase if it does not work, do share your stage Screenshot next time.
For others that get the same issue. One solution is to wait a bit:
I also had this error when first time deploying the API GW. It then started working fine ~5-10min later.
Is there anywhere a decent full example of creating a distribution (ideally with more than one origin - S3 and an AMS) from the command line? I was a bit dismayed to find that it isn't a case of "aws cloudfront blah blah..."
In Windows, assuming no special tools - though any solution that needs a standalone exe is fine. I have been hinted to use cURL... but can't figure out all the stuff I need to pass in, or indeed how to use cURL to do so - have found it has a -h param for headers...but never used cURL so a bit lost.
Looked http://docs.aws.amazon.com/AmazonCloudFront/latest/APIReference/CreateDistribution.html but am bemused by the sketchiness of the 'example' e.g.
POST /2013-09-27/distribution HTTP/1.1
Host: cloudfront.amazonaws.com
Authorization: AWS authentication string
Date: Thu, 17 May 2012 19:37:58 GMT
Other required headers
...
Where do I find my AWS authentication string?
What are the "Other required headers"
Distribution ID I can find on the Cloudfront admin page on the web
I am totally lost - need the real beginners guide here, step by step, ideally cross referenced to the Cloudfront admin page on the web. I'm a C#/SQL desktop apps dev normally, so this is way out of comfort zone.
Have ended up using the Amazon SDK for .NET
Actually, it probably is a matter of aws cloudfront blah blah
When typing aws cloudfront in a recent version of the AWS CLI one gets:
This service is only available as a preview service.
However, if you'd like to use a basic set of cloudfront commands with the
AWS CLI, you can enable this service by adding the following to your CLI
config file:
[preview]
cloudfront=true
Following this advice, you get the command aws cloudfront create-distribution.
I am personally still struggling to find the correct input for required params like --distribution-config
Running aws configure set preview.cloudfront true did not work for me. In my case (Linux), the following worked:
Edit the file ~/.aws/config and add the content
[preview]
cloudfront=true
To its end. This topic helped, but not mentioned the [brackets].