0

I've set up an API gateway with an OpenAPI spec and Lambda integration via CloudFormation. It's deployed correctly and all methods and resources are displayed etc. If I call one of my POST, PATCH or DELETE methods (or even OPTIONS!), they successfully reach my lambda function and returns as expected. However, as soon as I call one of my endpoints using a GET or HEAD method - either a GET endpoint that exists, or a non-existing GET method such as /foobar, all I get is a HTTP 403 with HTML content instead of JSON:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML><HEAD><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<TITLE>ERROR: The request could not be satisfied</TITLE>
</HEAD><BODY>
<H1>403 ERROR</H1>
<H2>The request could not be satisfied.</H2>
<HR noshade size="1px">
Bad request.
We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner.
<BR clear="all">
If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.
<BR clear="all">
<HR noshade size="1px">
<PRE>
Generated by cloudfront (CloudFront)
Request ID: ju-yNp9QlyjqrAFHC3xR9DkO0N9DaPK2BcVQlpeswPMEerwErwdDUw==
</PRE>
<ADDRESS>
</ADDRESS>
</BODY></HTML>

The headers only include X-Cache: Error from Cloudfront, none of the regular API gateway headers are there, such as x-amzn-ErrorType. I believe the request doesn't even reach my API gateway.

I'm calling my xxxxxxxx.execute-api.eu-west-1.amazonaws.com URL, so CloudFront is not manually put in front, but I guess API gateway itself uses CloudFront. Is caching for some reason enabled for my GET endpoints? In my API gateway stage params, "API cache" is disabled, and I cannot find anything else remotely related to CloudFront or caching.

My API and its integration looks like this:

  /mypath:
    get:
      x-amazon-apigateway-integration:
        type: aws_proxy
        passthroughBehavior: when_no_match
        httpMethod: POST
        uri: arn:aws:apigateway:eu-west-1:lambda:path/2015-03-31/functions/arn:aws:lambda:eu-west-1:xxxxxxxxx:function:${stageVariables.LambdaName}/invocations
        requestParameters: {}
        responses:
          '200':
            statusCode: '200'
          '400':
            statusCode: '400'

This kind of integration works for all non-GET requests, but causes this strange error for all GET requests. I have DEFAULT_4XX responses in place, and that works too for all other methods, such as POST /something-non-existing - that renders my custom response fine. I have no HTML content configured anywhere, so why does this happen?

Improve this question

1 Answer 1

Reset to default
0

Turns out this happens only when I try to do a GET with a request body. I was using Postman and by accident I had kept my request body from a previous POST request. When I remove the body, the GET requests work.

I haven't found any way to prevent this strange handling of "body not permitted with GET or HEAD".

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.