Troubleshooting Gateway Integrations
API Gateway masks unhandled errors (such as a missing resources), with a
403 Not Authorized response. If anything goes wrong when talking to the back-end service, you’ll only see that error instead of useful troubleshooting information. This is great from a security perspective, because it prevents sensitive data leaks, but it’s a major pain for troubleshooting problems. Here are just some of the cases when you’ll see this generic error:
- If the request does not even reach the Lambda function, for example, due to misconfigured authorisation or resource configuration problems.
- If the function blows up without returning a proper response.
- If the function returns a response that’s not in the exact format that API Gateway expects.
The Resources screen in the API Gateway Web Console is super useful for troubleshooting integration problems. When you get a 403 response and it’s baffling you, navigate to the web console page for the API Gateway resource and click the Test link in the Client box (see the left side of the figure given below).