How do I troubleshoot "Execution failed due to configuration error: Invalid endpoint address" errors from API Gateway?
Last updated: 2022-06-27
I'm seeing "Execution failed due to configuration error: Invalid endpoint address" errors in my Amazon CloudWatch execution logs for Amazon API Gateway. What's causing the error, and how do I fix it?
When communicating with backend HTTP or HTTPS endpoints, API Gateway uses the domain configured in the Endpoint URL value of the method request. Before sending a request to the endpoint URL, API Gateway resolves the domain by performing a Domain Name Server (DNS) resolution. If API Gateway can't resolve the domain in the endpoint URL, then the following error appears in the CloudWatch execution logs:
Execution failed due to configuration error: Invalid endpoint address
To troubleshoot the error, do the following:
1. To confirm successful DNS resolution, run a name resolution command, such as dig or nslookup. If the DNS is resolved successfully, then the command response returns a valid, public IP address.
Note: Use dig for Linux operating systems and nslookup for Windows operating systems, through the system's default command prompt.
Example dig command:
$ dig www.amazon.com ; <<>> DiG 9.10.6 <<>> amazon.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13150 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.amazon.com. IN A ;; ANSWER SECTION: www.amazon.com. 41 IN A 126.96.36.199 ;; Query time: 1 msec ;; SERVER: 10.3.9.10#53(10.3.9.10) ;; MSG SIZE rcvd: 48
Example nslookup command:
$ nslookup amazon.com Server: 10.3.9.10 Address: 10.3.9.10#53 Name: amazon.com Address: 188.8.131.52
2. If the command returns a private IP address within your Amazon Virtual Private Cloud (Amazon VPC), then set up an API private integration.
Note: API Gateway private integrations allow clients outside of your Amazon VPC to access your HTTP and HTTPs resources.
If the command doesn't return a valid, public IP address, then contact your DNS provider. Ask them to confirm that the DNS mappings for the domain are set up correctly.