How do I troubleshoot "Execution failed due to configuration error: Invalid endpoint address" errors from API Gateway?

Last updated: 2021-04-22

I'm seeing "Execution failed due to configuration error: Invalid endpoint address" errors in my Amazon CloudWatch execution logs for Amazon API Gateway. What's causing the error, and how do I fix it?

Short description

When communicating with backend HTTP or HTTPS endpoints, API Gateway uses the domain configured in the Endpoint URL value of the method request. Before sending a request to the endpoint URL, API Gateway resolves the domain by performing a Domain Name Server (DNS) resolution. If API Gateway can't resolve the domain in the endpoint URL, the following error appears in the CloudWatch execution logs:

Execution failed due to configuration error: Invalid endpoint address

Resolution

To troubleshoot the error, do the following:

1.    To confirm successful DNS resolution, run a name resolution command, such as nslookup or dig.
Note: The command response should return a valid, public IP address.

(For Linux operating systems) Example dig command

$ dig www.amazon.com

; <<>> DiG 9.10.6 <<>> amazon.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13150
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.amazon.com.    IN    A

;; ANSWER SECTION:
www.amazon.com.        41    IN    A    54.239.17.6

;; Query time: 1 msec
;; SERVER: 10.3.9.10#53(10.3.9.10)
;; MSG SIZE rcvd: 48

(For Windows operating systems) Example nslookup command

$ nslookup amazon.com
Server: 10.3.9.10
Address: 10.3.9.10#53

Name: amazon.com
Address: 54.239.25.192

2.     If the command returns a private IP address within your Amazon Virtual Private Cloud (Amazon VPC), set up an API private integration.
Note: API Gateway private integrations allow clients outside of your Amazon VPC to access your HTTP and HTTPs resources.

-or-

If the command doesn't return a valid, public IP address, contact your DNS provider. Then, ask them to confirm that the DNS mappings for the domain are set up correctly.


Did this article help?


Do you need billing or technical support?