Block creating public API Gateway endpoints

My customer wants to block their organization from creating Edge and Regional API Gateway endpoints (only allowing private).

I can't find a way to do this with an SCP since there is no action or condition around creating the API.

Any suggestions?

Topics

Serverless Front-End Web & Mobile Networking & Content Delivery

Tags

Amazon API Gateway

Language

English

AWS-User-0383606

asked 4 years ago884 views

1 Answer

Newest
Most votes
Most comments

Are these answers helpful? Upvote the correct answer to help the community benefit from your knowledge.

Accepted Answer

In that case the best way to do it is using AWS Config. Create custom AWS Config Rule if not already present to trigger a lambda function on creation or modification of APIGateway endpoint. Test the conditions in Lambda and take an action to either delete the endpoint and modify it to private.

MODERATOR

AWS-User-3370198

answered 4 years ago

Relevant content

VPC endpoint for Regional API Gateway
CloudArav
asked 8 months ago
Accessing API Gateway both Public and Private endpoint
Accepted Answer
AWS-User-3510581
asked 3 years ago
Regional custom domain name on Edge API Gateway API
Accepted Answer
Nochum
asked 6 months ago
Restrict access to custom endpoint api gateway.
Mizael Barros
asked 8 months ago
How do I allow only specific IP addresses to access my API Gateway REST API?
AWS OFFICIALUpdated 8 days ago
How can I troubleshoot latency issues for my edge-optimized API endpoint in API Gateway?
AWS OFFICIALUpdated a year ago
How do I troubleshoot issues when connecting to an API Gateway private API endpoint?
AWS OFFICIALUpdated a year ago
How can I set up a custom domain name for my API Gateway API?
AWS OFFICIALUpdated 2 years ago
VPC IP Address Manager's 'Public IP Insights': A free and simple feature for customers to get insights on their public IPv4 usage
EXPERT
Nawaz
published 5 months ago
How do I find IP addresses of SMTP Clients behind a NAT gateway?
EXPERT
Jonathan_D
published 10 months ago