What are all the things that I need to connect an existing known-good API gateway endpoint to a Route53 subdomain with Terraform?

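This is the code I have so far; hopefully I've included everything relevant. The API gateway is deployed and has been working for a while. Our application currently points at the xxxyyyzz12.execute-api.us-west-2.amazonaws.com endpoint and works fine. But I need to route it to the subdomain ui-backend.app-name-here-dev.company.services.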

data "aws_acm_certificate" "app_name_dev_wildcard_cert" {
  domain   = "*.app-name-here-dev.company.services"
  statuses = ["ISSUED"]
}

// pull in the existing zone (defined by devops) via a data block
data "aws_route53_zone" "myapp_zone" {
  name = local.domain
}

resource "aws_route53_record" "ui_backend" {
  name    = aws_apigatewayv2_domain_name.ui_backend_api_gateway.domain_name
  type    = "A"
  zone_id = data.aws_route53_zone.myapp_zone.zone_id

  alias {
    name                   = aws_apigatewayv2_domain_name.ui_backend_api_gateway.domain_name_configuration[0].target_domain_name
    zone_id                = aws_apigatewayv2_domain_name.ui_backend_api_gateway.domain_name_configuration[0].hosted_zone_id
    evaluate_target_health = false
  }
}

resource "aws_apigatewayv2_domain_name" "ui_backend_api_gateway" {
  domain_name = "${local.subdomain}.${local.domain}"
  domain_name_configuration {
    certificate_arn = data.aws_acm_certificate.app_name_dev_wildcard_cert.arn
    endpoint_type   = "REGIONAL"
    security_policy = "TLS_1_2"
  }
}

locals {
  // trimmed
  domain    = "app-name-here${var.envToZoneName[var.environment]}.company.services"
  subdomain = var.deploymentNameModifier == "" ? "ui-backend" : "ui-backend-${var.deploymentNameModifier}"
}

But when I try with curl (the one that works against xxxyyyzz12.execute-api.us-west-2.amazonaws.com), I get a 403. I added the x-apigw-api-id: 153utdsv9h header, but it didn't help. I must be missing a resource.

Well, 16 hours have passed with no answers/comments. Here's what was missing:

resource "aws_apigatewayv2_api_mapping" "ui_backend_to_subdomain" {
  api_id      = aws_apigatewayv2_api.ui_backend_gateway.id
  domain_name = aws_apigatewayv2_domain_name.ui_backend_api_gateway.domain_name
  stage       = aws_apigatewayv2_stage.ui_backend.id
}
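
An added example, not part of the original post: a pre-apply check that flags any `aws_apigatewayv2_domain_name` that no `aws_apigatewayv2_api_mapping` refers to, which is the gap behind the 403 above. It reads the `configuration` section of `terraform show -json <planfile>` output. Assumptions: the sample plan is constructed, only the root module is inspected, and a mapping whose `domain_name` is a literal string rather than a reference is not recognised.

```python
import json

# Constructed sample: a trimmed `terraform show -json` document whose
# "configuration" section mirrors the question's resources (no mapping yet).
SAMPLE_PLAN = json.loads("""
{"configuration": {"root_module": {"resources": [
  {"address": "aws_apigatewayv2_domain_name.ui_backend_api_gateway",
   "type": "aws_apigatewayv2_domain_name", "name": "ui_backend_api_gateway",
   "expressions": {}},
  {"address": "aws_route53_record.ui_backend",
   "type": "aws_route53_record", "name": "ui_backend",
   "expressions": {"name": {"references": [
     "aws_apigatewayv2_domain_name.ui_backend_api_gateway.domain_name",
     "aws_apigatewayv2_domain_name.ui_backend_api_gateway"]}}}
]}}}
""")


def unmapped_domains(plan):
    """Return addresses of custom domains that no api_mapping references."""
    resources = plan["configuration"]["root_module"].get("resources", [])
    domains = {r["address"] for r in resources
               if r["type"] == "aws_apigatewayv2_domain_name"}
    mapped = set()
    for r in resources:
        if r["type"] != "aws_apigatewayv2_api_mapping":
            continue
        # Terraform lists the addresses an expression depends on under
        # "references", e.g. "<resource address>.domain_name".
        refs = (r.get("expressions", {})
                 .get("domain_name", {})
                 .get("references", []))
        for d in domains:
            if any(ref == d or ref.startswith(d + ".") for ref in refs):
                mapped.add(d)
    return sorted(domains - mapped)


if __name__ == "__main__":
    # With the constructed sample this reports the unmapped custom domain.
    for address in unmapped_domains(SAMPLE_PLAN):
        print(f"no aws_apigatewayv2_api_mapping references {address}")
```
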