I can call my AWS API Gateway from anywhere else with no problem, but when I try from my Heroku app, I always get Forbidden Exceptions.
I have an API Key secured API (no Authentication). But, I even created a brand new API with no api key required at all, still the problem persists and I keep getting Forbidden Exceptions.
I'm logging from inside the application and I can see that the endpoint (and the api key in the API which needs it) is correct. Looking at Cloud Watch logs, I see that the api key value from header to be empty.
Is AWS blocking access from Heroku?
I found the reason. During the development process the API Gateway had an IP rule created to the firewall, which was blocking requests from Heroku. It was the firewall attached to the API Gateway, which was blocking the traffic from the production environment of Heroku. Rule corrected and everything works now as expected.