Posted On: Apr 11, 2018

You can now attach resource policies to APIs in Amazon API Gateway, making it easier to set access controls for invoking your APIs.

Resource policies are JSON policy documents that control what actions a user or account can perform on an API, and under what conditions. These policies enable you to let users from other AWS accounts securely access your APIs in Amazon API Gateway. You can also use resource policies to restrict access to certain IP address ranges or CIDR blocks. Other examples of using resource policies for an API in Amazon API Gateway can be found here.

You can add resource policies to an API using the AWS Management Console, AWS CLI, or AWS SDKs. Please visit our documentation to learn more about resource policies for Amazon API Gateway.

Resource policies for Amazon API Gateway is available in all regions where API Gateway is available. For more information on where Amazon API Gateway is available, visit the AWS region table. Please visit our product page for more information about Amazon API Gateway.