By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement . We’ll occasionally send you account related emails.

This is a (Bug Report / Feature Proposal)

I noticed that serverless 1.26.0 released and merged #4665 , so I hope I can deploy to cn-north-1 but still have some problems and the biggest problem is {"Message":null} responsed when I call the api.

Description

Update to serverless 1.26.0 and change serverless code just as #4615 and change endpoint type to REGIONAL because EDGE is not supported in China. then run sls deploy and I finally success deploy it. But the outputs still error it should be something like https://xxx.execute-api.cn-north-1.amazonaws.com.cn not https://xxx.execute-api.cn-north-1.amazonaws.com
For bug reports:

What went wrong?
When I click this link https://jnueoirgfe.execute-api.cn-north-1.amazonaws.com.cn/dev/test I hope outputs is {"name":"chun"} but is {"Message":null} and no logs in cloudwatch, only log group created. Then I give the lambda role admin permission still not work.

What did you expect should have happened?
When click the link above should response {"name":"chun"}

What was the config you used?
service: api-ssyer

frameworkVersion: ">=1.1.0 <2.0.0"

plugins:

provider:
name: aws
runtime: nodejs6.10
stage: dev # Set the default stage used. Default is dev
region: cn-north-1 # cn-north-1 #us-west-2 # Overwrite the default region used. Default is us-east-1
memorySize: 512 # Overwrite the default memory size. Default is 1024
timeout: 10 # The default is 6 seconds. Note: API Gateway current maximum is 30 seconds

functions:

test:
handler: test.index
events:
- http:
path: test
method: get

Additional Data

Since our company want to release this app within next weekend , so if any one known how to fix this please tell me, other region of aws is slow in China every api call may take almost 1-2 seconds.

I notice that they haven't merge #4665 yet. I try to deploy with americansystems/serverless#sls-govcloud successful except API Gateway.

I'm interesting how you resolve the api gateway issue in cn-north-1 region?

It should response {"msg":"hello","code":100} but response {"Message":null} maybe it just aws China issue.

What your problem by ask me how resolve the api gateway issue? @cncolder

I setup api gateway by AWS Console point my demo lambda. Then invoke by httpie :

http https://l0b5oc706k.execute-api.cn-north-1.amazonaws.com.cn/dev/hello
HTTP/1.1 403 Forbidden
Connection: keep-alive
Content-Length: 16
Content-Type: application/json
Date: Fri, 02 Feb 2018 05:16:10 GMT
x-amzn-ErrorType: AccessDeniedException
x-amzn-RequestId: 2e36be20-07d8-11e8-8650-2d6d077e32af
    "Message": null
It seems {"message": null} is response body of 403.
          
@cncolder 我的域名已经备案了，IAM 也已经指定，但是依然是 403 ，{ Message: null }
明白了，我之前已经在别处备案，用aws时，之前的备案是需要在光环新网上新增接入录入的。
关于备案要求的链接
在您可以使用AWS中国（北京）区域或AWS中国（宁夏）区域托管公共内容之前，您可能会被要求出示您适用的 ICP备案或 ICP 许可证。
Feature Availability and Implementation Differences
The following API Gateway features are either unavailable in the Beijing and Ningxia Regions or require an ICP license:
API Gateway serves unauthenticated API requests only if the API owner’s Amazon AWS account is associated with a valid ICP license. As a result, creating an API using a Lambda authorizer or no authorizer requires an ICP license.
You can configure an API using a custom authorizer or no authorizer, but the API can only be accessed if your Amazon AWS account is associated with an ICP license.
You cannot use Alias A records for custom domain names. You must create a CNAME that points to the regional custom domain endpoint.
功能可用性和实施区别
以下 API 网关 功能在 北京和宁夏区域 不可用或需要 ICP 许可证：
API 网关 仅在 API 所有者的 Amazon AWS 账户与有效的 ICP 许可证关联时才提供未经身份验证的 API 请求。因此，使用 Lambda 授权方或不使用授权方创建 API 时需要 ICP 许可证。
您可以使用自定义授权方或不使用授权方配置 API，但只有 Amazon AWS 账户与 ICP 许可证关联时才能访问该 API。
无法为自定义域名使用别名 A 记录。必须创建指向区域自定义域终端节点的 CNAME。
          
@ijustyce @wrluo @hengbenkeji  解决了，现在可以访问了。

首先我花了一个月时间进行了ICP备案，但是备案完成后在依然是{"Message": null}，说明和备案没有关系。
后来我重新开工单问，AWS打电话来跟我说我们要使用APIGateway，他们会帮我申请开通，叫我等一下就行了，过了一个多小时就收到邮件开通了。然后就能正常访问了，而且不用自定义域名，用 invoke URL 就能访问。
下面是截图，大家可以参考
          
I encountered the typical issue of receiving a 403 error when accessing the HTTP gateway in the cn-northwest-1 region where I have deployed. Initially, I thought that adding authentication verification to the HTTP requests was necessary, so I spent two days troubleshooting without success. Eventually, I reached out to customer support for assistance, and received an email with the resolution after one hour. At this point, I was able to use the HTTP gateway without the need for authentication.

我部署在中国的区域cn-northwest-1，我也遇到了通常http gateway访问返回403的问题，起初我以为需要为http加入auth验证，折腾2天无果。最后我联系了售后处理，1小时后收到处理结果的邮件，此时已经能在无需要验证的情况下正常使用。