Search code examples
pythoncertificateaws-cdkamazon-route53api-gateway

API gateway LambdaRestApi custom domain gets ECONNREFUSED Error upon requests

I've looked at some other posts, but this one is the closest question I could find that might be close to what I'm experiencing. I'm just not that clear on it from what was stated in the answer.

I'm creating an LambdaRestAPI through API gateway and attempting to use a route53 hosted zone to use as domain of my endpoint. I've created all of this using aws-cdk, which seems to work except when I am creating the alias record to connect to the custom domain of my api.

My aws-cdk code is shown below.

from aws_cdk import (
    Stack,
    aws_apigateway as apigateway,
    aws_lambda as lambda_,
    aws_iam as iam,
    aws_ecr as ecr,
    aws_route53 as route53,
    aws_route53_targets as targets,
    aws_certificatemanager as cman
)
from constructs import Construct


class ApiStack(Stack):

    def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None:
        super().__init__(scope, construct_id,  **kwargs)

        repo_ = ecr.Repository.from_repository_arn(self,
                    'repo',
                    repository_arn=<image_arn>
                        
        tag_ = <image_tag>

        backend = lambda_.DockerImageFunction(self, 'myLambda',
                    code=lambda_.DockerImageCode.from_ecr(repository=repo_,
                                                          tag=tag_),
                    architecture=lambda_.Architecture.X86_64
                  )

        certificate = cman.Certificate.from_certificate_arn(self,
                                                            'cert', <cert ARN>
                                                            )

        api = apigateway.LambdaRestApi(self, "myAPI",
            handler=backend,
            proxy=False,
            endpoint_configuration=apigateway.EndpointConfiguration(
                                        types=[apigateway.EndpointType.REGIONAL]),
            domain_name=apigateway.DomainNameOptions(
                                    domain_name=<custom-domain-name>,
                                    certificate=certificate
    )
        )

        hosted_zone = route53.HostedZone.from_lookup(self, 'myHostedZone',
                                                domain_name=<hosted-zone-domain-name>)
                                                     )

        route53.ARecord(self, 'Arecord',
                        zone=hosted_zone,
                        target=route53.RecordTarget.from_alias(targets.ApiGateway(api)),
                        record_name=<domain-name>
                        )

When I hit the invoke url, everything works fine. However, when I try to hit the custom domain linked to my API or the route53 alias, I get Error: connect ECONNREFUSED

From the post I shared above, I think it might have something to do with HTTP vs HTTPS requests, but I don't feel like I know enough to explore that thoroughly.

Any ideas why I cannot hit my custom domain?

Solution

  • So it looks like everything was fine. I didn't know, but if you don't specify to use HTTPS in your domain, it will default to HTTP. So I was trying to call http:a.example.com when I should have been calling https://a.example.com API gateway doesn't support HTTP with custom domains.

    All credit goes to the person that answered the question on this post.

    api gateway regional custom domain is not working