Amazon API Gateway Management (apigateway)

Additions

Actions

• CreateAccessAssociation
  
  • Description:  Grants permission to create an access association from an access association source to a custom domain name for private APIs
  • Access:  Permissions management
  • Resources: 

    Name: PrivateDomainName

    Required: No

• RejectAccessAssociation
  
  • Description:  Grants permission to reject an existing access association owned by another account to a custom domain name for private APIs
  • Access:  Permissions management
  • Resources: 

    Name: PrivateDomainName

    Required: No

• UpdateDomainNameManagementPolicy
  
  • Description:  Grants permission to update the management policy of a custom domain name for private APIs
  • Access:  Permissions management
  • Resources: 

    Name: PrivateDomainName

    Required: No

• UpdateDomainNamePolicy
  
  • Description:  Grants permission to update the invoke policy of a custom domain name for private APIs
  • Access:  Permissions management
  • Resources: 

    Name: DomainNames

    Required: No

    Name: PrivateDomainName

    Required: No

Resources

• DomainNameAccessAssociation
  
  • Arn:  arn:${Partition}:apigateway:${Region}:${Account}:/domainnameaccessassociations/domainname/${DomainName}/${SourceType}/${SourceId}
• DomainNameAccessAssociations
  
  • Arn:  arn:${Partition}:apigateway:${Region}:${Account}:/domainnameaccessassociations
  • Conditions: 

    apigateway:Request/AccessAssociationSource

    apigateway:Request/DomainNameArn

    aws:ResourceTag/${TagKey}

• PrivateBasePathMapping
  
  • Arn:  arn:${Partition}:apigateway:${Region}::/domainnames/${DomainName}+${DomainIdentifier}/basepathmappings/${BasePath}
  • Conditions: 

    aws:ResourceTag/${TagKey}

• PrivateBasePathMappings
  
  • Arn:  arn:${Partition}:apigateway:${Region}::/domainnames/${DomainName}+${DomainIdentifier}/basepathmappings
  • Conditions: 

    aws:ResourceTag/${TagKey}

• PrivateDomainName
  
  • Arn:  arn:${Partition}:apigateway:${Region}:${Account}:/domainnames/${DomainName}+${DomainIdentifier}
  • Conditions: 

    apigateway:Request/EndpointType

    apigateway:Resource/EndpointType

    aws:ResourceTag/${TagKey}

Conditions

• apigateway:Request/AccessAssociationSource
  
  • Description:  Filters access by access association source. Available during the CreateDomainNameAccessAssociation operation
  • Type:  String
• apigateway:Request/DomainNameArn
  
  • Description:  Filters access by domain name ARN. Available during the CreateDomainNameAccessAssociation operation
  • Type:  ARN

Updates

Actions

• GET
  
  Resources
  
  • ＋ DomainNameAccessAssociation
  • ＋ PrivateBasePathMapping
  • ＋ PrivateDomainName
• PATCH
  
  Resources
  
  • ＋ DomainNameAccessAssociations
  • ＋ PrivateBasePathMapping
  • ＋ PrivateBasePathMappings
  • ＋ PrivateDomainName
• POST
  
  Resources
  
  • ＋ PrivateBasePathMapping
  • ＋ PrivateDomainName
• PUT
  
  Resources
  
  • ＋ DomainNameAccessAssociations
  • ＋ PrivateBasePathMappings