[英]Understanding AWS API Gateway Custom Domain Names
I am struggling to understand how AWS API Gateway Custom Domain works. 我正在努力了解AWS API Gateway Custom Domain的工作方式。
I have set up a Regional Custom Domain Name
for my api, like api.example.com
. 我已经为我的api设置了
Regional Custom Domain Name
,例如api.example.com
。 The result is a Target Domain Name
in the form of: 结果是以下形式的
Target Domain Name
:
aaaaaaaaaaaa.execute-api.us-east-1.amazonaws.com
If I try to invoke the API using this link, such as in: 如果我尝试使用此链接来调用API,例如:
https://aaaaaaaaaaaa.execute-api.us-east-1.amazonaws.com/mymap/mystage/example
But I get a 403 Forbidden
. 但是我得到了
403 Forbidden
。
BUT, if I go to Stages
and select mystage
there's a big blue Invoke URL
in the form of: 但是,如果我转到
Stages
并选择mystage
则会有一个蓝色的大Invoke URL
,其形式为:
https://bbbbbbbbbb.execute-api.us-east-1.amazonaws.com/mymap/mystage/example
Which works! 哪个有效!
So here come my first 2 questions: 所以这是我的前两个问题:
1 - Why does API Gateway generate 2 different URLs for the same API (the Target Domain Name
and the Invoke URL
)? 1-为什么API网关为同一API生成2个不同的URL(
Target Domain Name
和Invoke URL
)?
2 - Why does the Invoke URL
works and the Target Domain Name
doesn't? 2-为什么“
Invoke URL
有效而“ Target Domain Name
”无效?
Here's the second part of my question, I am trying to configure Route 53
for the Regional Custom Domain Name
configuration, but I can't find any examples about the right way to do it (just for Edge Optimized Custom Domain Name
). 这是我问题的第二部分,我正在尝试为
Regional Custom Domain Name
配置配置Route 53
,但找不到任何有关正确方法的示例(仅针对Edge Optimized Custom Domain Name
)。
I tried to create an A
record for api.example.com
as an Alias
to aaaaaaaaaaaa.execute-api.us-east-1.amazonaws.com
, but it says: 我尝试为
api.example.com
创建A
记录,作为aaaaaaaaaaaa.execute-api.us-east-1.amazonaws.com
的Alias
,但它说:
The record set could not be saved because: - Alias Target contains an invalid value.
无法保存记录集,因为:-别名目标包含无效值。
So I created a CNAME
record for api.example.com
, setting Alias
to No
(setting as a Yes
brings the same error message as in the A
record case) and the value as aaaaaaaaaaaa.execute-api.us-east-1.amazonaws.com
but then I get a 404
when I try to invoke my API as https://api.example.com/mymap/mystage/example
. 因此,我为
api.example.com
创建了一个CNAME
记录,将Alias
设置为No
(设置为Yes
会带来与A
记录情况相同的错误消息),并将值设置为aaaaaaaaaaaa.execute-api.us-east-1.amazonaws.com
但是当我尝试以https://api.example.com/mymap/mystage/example
调用我的API时,得到了404
。
What am I doing wrong? 我究竟做错了什么?
EDIT: 编辑:
This thread was moved to the AWS Forums here 该线程已移至此处的AWS论坛
EDIT 2: 编辑2:
Apparently, as the AWS support guys said, there is an inconsistency on how API Gateway treats Custom Domain Names and regular API Gateway URLs, all is documented at this AWS Forum thread here 显然,正如AWS支持人员所说,API网关对待自定义域名和常规API网关URL的方式存在不一致之处,所有内容均在此AWS论坛线程中进行了记录。
If anyone wants to understand what was going on with API Gateway, take a look at this thread . 如果有人想了解API Gateway发生了什么,请看一下该线程 。
It basically says that API Gateway processes regular URLs (like aaaaaaaaaaaa.execute-api.us-east-1.amazonaws.com
) differently than how it processes Custom Domain Name URLs (like api.myservice.com
). 它基本上说API网关处理常规URL(例如
aaaaaaaaaaaa.execute-api.us-east-1.amazonaws.com
)与处理自定义域名URL(例如api.myservice.com
)的方式不同。 So when API Gateway forwards your API request to your Lambda Function, your Lambda Function will receive different path
values, depending on which type of your URL you used to invoke your API. 因此,当API Gateway将您的API请求转发到Lambda函数时,您的Lambda函数将收到不同的
path
值,具体取决于您用来调用API的URL类型。
In my case I am using the serverless java container , so I can run a Jersey webservice on AWS Lambda. 就我而言,我使用的是无服务器Java容器 ,因此可以在AWS Lambda上运行Jersey网络服务。 Since the URL is not being passed the same for both URLs, Jersey will return a 404 when it receives an URL that is malformed for its configuration.
由于未同时传递两个URL的URL,因此Jersey收到其配置格式错误的URL时,它将返回404。
The AWS API Gateway team said their are thinking about making this URL invocation uniform, but no compromises on it so far (January 2018). AWS API Gateway团队表示,他们正在考虑使此URL调用统一化,但到目前为止(2018年1月)对此没有妥协。
The Route 53 part of my question is answered by Jack and I have nothing to add. 杰克回答了我的问题的53号公路部分,我无话可说。
The Route53 console doesn't support API Gateway as an ALIAS target yet. Route53控制台尚不支持API网关作为ALIAS目标。 You'll have to make the ALIAS record using a CLI/SDK (or the hit the R53 API directly) and provide the target hosted zone listed on this page: http://docs.aws.amazon.com/general/latest/gr/rande.html#apigateway_region
您必须使用CLI / SDK(或直接点击R53 API)进行ALIAS记录,并提供此页面上列出的目标托管区域: http : //docs.aws.amazon.com/general/latest/ gr / rande.html#apigateway_region
Why does API Gateway generate 2 different URLs for the same API (the Target Domain Name and the Invoke URL)?
为什么API Gateway会为同一API生成两个不同的URL(目标域名和调用URL)?
The Invoke URL is the default endpoint that is always available with a valid SSL certificate. 调用URL是默认端点,始终可通过有效的SSL证书使用。 This endpoint is managed by API Gateway.
该端点由API网关管理。 The target domain name is optional (you have to set up the custom domain name), and the DNS and SSL certificate are managed by you/customer.
目标域名是可选的(您必须设置自定义域名),并且DNS和SSL证书由您/客户管理。
Thanks, Jack 谢谢杰克
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.