Amazon web services Terraformed AWS API网关自定义域名抛出403禁止
我试图通过一个区域自定义域公开我的区域API网关的所有阶段 问题 如果我直接卷曲API网关(即Amazon web services Terraformed AWS API网关自定义域名抛出403禁止,amazon-web-services,terraform,aws-api-gateway,amazon-route53,Amazon Web Services,Terraform,Aws Api Gateway,Amazon Route53,我试图通过一个区域自定义域公开我的区域API网关的所有阶段 问题 如果我直接卷曲API网关(即https://xx.execute-api.eu-west-3.amazonaws.com/default/users),它可以工作,但如果我注册域名,我会得到一个403(即https://api.acme.com/default/users) 配置 我的地形文件如下所示: data "aws_route53_zone" "acme" { name
https://xx.execute-api.eu-west-3.amazonaws.com/default/users
),它可以工作,但如果我注册域名,我会得到一个403
(即https://api.acme.com/default/users
)
配置
我的地形文件如下所示:
data "aws_route53_zone" "acme" {
name = "acme.com."
}
resource "aws_api_gateway_rest_api" "backend" {
name = "acme-backend-api"
description = "Backend API"
body = "SOMETHING"
endpoint_configuration {
types = ["REGIONAL"]
}
}
resource "aws_api_gateway_deployment" "backend" {
rest_api_id = aws_api_gateway_rest_api.backend.id
stage_name = "default"
lifecycle {
create_before_destroy = true
}
}
resource "aws_api_gateway_domain_name" "backend" {
domain_name = "api.acme.com"
regional_certificate_arn = "arn:aws:acm:xx:certificate/xx"
endpoint_configuration {
types = ["REGIONAL"]
}
}
resource "aws_route53_record" "backend" {
name = aws_api_gateway_domain_name.backend.domain_name
type = "A"
zone_id = data.aws_route53_zone.acme.id
alias {
evaluate_target_health = true
name = aws_api_gateway_domain_name.backend.regional_domain_name
zone_id = aws_api_gateway_domain_name.backend.regional_zone_id
}
}
resource "aws_api_gateway_base_path_mapping" "backend" {
api_id = aws_api_gateway_rest_api.backend.id
domain_name = aws_api_gateway_domain_name.backend.domain_name
# No stage_name: expose all stages
}
根据地形和例子,应该是可以的
我也遵循了许多指南,我有以下要素:
我错过了什么/做错了什么?您观察到了哪些错误或不符合预期的行为?