Trouble accessing AWS API Gateway endpoints within a private VPC using RDS Proxy

Question: I'm encountering an issue where I'm unable to access certain AWS API Gateway endpoints from within the same VPC, and I'm looking for guidance on troubleshooting and resolving this problem. Here are the details of my setup and the problem I'm facing:

Problem Description: I have multiple API Gateway endpoints that are publicly accessible and do not require any form of verification. However, I'm having trouble accessing the endpoints that use RDS Proxy and are located within a private VPC. The private VPC is correctly routed to a NAT gateway, which has proper access to the public internet. When I try to access these API endpoints from within the same VPC, I receive a "ForbiddenException" response.

Error Messages:

When making requests using the Python Requests library:

import requests
headers = {'Content-Type': 'application/json'}
response = requests.get("https://xxxxxx.execute-api.xxxxxx.amazonaws.com/prod/get-article?id=2", headers=headers)
print(response.text)  # {"message":"Forbidden"}

< HTTP/1.1 403 Forbidden
< Server: Server
< Date: Mon, 06 Nov 2023 00:56:57 GMT
< Content-Type: application/json
< Content-Length: 23
< Connection: keep-alive
< x-amzn-RequestId: <your-request-id>
< x-amzn-ErrorType: <your-error-type>
< x-amz-apigw-id: <your-apigw-id>
...
{"message":"Forbidden"}


I would appreciate any insights or suggestions on how to diagnose and resolve this issue. Thank you!

Things I Have Tried:

  1. Changing the VPC for the relevant Lambda functions.
  2. Disabling CORS and changing headers to accept all traffic.
  3. Rebuilding the API Gateway and redeploying the API.
  4. Testing IAM permissions for Lambda execution.
  5. Opening local firewall and VPC route table for ports 80 and 443.
  6. Disabling Nginx and opening corresponding ports.

There are 0 answers
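
Added example, not part of the original question: AWS documents that when a VPC has an interface endpoint for `execute-api` with private DNS enabled, `execute-api` hostnames resolve to that endpoint's private addresses and calls to public APIs come back as `{"message":"Forbidden"}`. The sketch below checks for that case first and otherwise branches on the `x-amzn-ErrorType` header shown in the trace; the function names, return labels, RFC 1918 heuristic and sample addresses are assumptions of this example.

```python
import ipaddress
import socket
from urllib.parse import urlparse

# Assumption: the VPC uses RFC 1918 space; add your CIDR if it does not.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def resolve_host(url):
    """Return the sorted IPv4 addresses the URL's hostname resolves to."""
    host = urlparse(url).hostname
    infos = socket.getaddrinfo(host, 443, socket.AF_INET, socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})

def classify_addresses(addresses):
    """Say whether the DNS answer points inside the VPC or at the public edge."""
    if not addresses:
        return "unresolved"
    inside = [any(ipaddress.ip_address(a) in net for net in RFC1918)
              for a in addresses]
    if all(inside):
        return "private"
    return "mixed" if any(inside) else "public"

def triage_403(status, headers, addresses):
    """Combine the DNS answer and response headers into a next check."""
    if status != 403:
        return "not-a-403"
    # HTTP header names are case-insensitive; normalise before lookup.
    lowered = {k.lower(): v for k, v in headers.items()}
    error_type = lowered.get("x-amzn-errortype", "")
    if classify_addresses(addresses) == "private":
        return "check-vpc-endpoint-private-dns"
    if error_type.startswith("MissingAuthenticationToken"):
        return "check-stage-path-and-method"
    if error_type.startswith("AccessDenied"):
        return "check-authorizer-or-resource-policy"
    return "check-api-key-waf-or-custom-domain"

if __name__ == "__main__":
    # Constructed sample: header value and addresses are illustrative only.
    sample_headers = {"x-amzn-ErrorType": "ForbiddenException"}
    print(triage_403(403, sample_headers, ["10.0.1.25", "10.0.2.31"]))
    print(triage_403(403, sample_headers, ["203.0.113.10"]))
```

Call `resolve_host` from a machine inside the VPC and pass its result to `triage_403` together with the status and headers of the failing response.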