0

I have a aws api gateway hosted in mumbai(ap-south-1). I am trying to add a custom domain to the endpoint.

I created a ACM certificate in the same region and created a Custom Domain Name in the api gateway. The api gateway allowed me to use the ACM certificate only in regionalised(ap-south-1) endpoint configuration and not edge(us-east-1) optimised configuration. This is resulting in a target domain in the format as

*.ap-south-1.amazonaws.com

and not in the cloudfront format like

*.cloudfront.net

After creating the custom domain name(api.mydomain.com) I tried to add it to the hosted zone in route53.

When I try to Create Record Set using target domain in above format(*.ap-south-1.amazonaws.com), I am getting an error

The record set could not be saved because: - Alias Target contains an invalid value.

enter image description here

I tried by creating the certificate in us-east-1 and creating an edge optimised endpoint. Here I got the cloudfront endpoint. But when I try to access the endpoint, I am getting forbidden exception.

4

1 回答 1

0

发现我们必须使用来自 us-east-1(弗吉尼亚北部)地区的证书并自己获取云端端点。如果他们在 53 号路由中不支持区域端点,我不确定他们为什么允许它们。

对于禁止的错误,我没有使用正确的 url(在端点创建中使用 v1)。

于 2018-04-11T11:51:16.010 回答