AWS API Gateway (IAM)

aws networking

Creates, publishes, maintains, monitors, and secures REST, HTTP, and WebSocket APIs at any scale.

Common permissions

apigateway:GetPortalapigateway:ListPortalsapigateway:GetProductPageapigateway:ListProductPagesapigateway:GetRoutingRuleapigateway:ListRoutingRules

Least-privilege example

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "apigateway:GetPortal",
        "apigateway:ListPortals",
        "apigateway:GetProductPage",
        "apigateway:ListProductPages",
        "apigateway:GetRoutingRule",
        "apigateway:ListRoutingRules"
      ],
      "Resource": "*"
    }
  ]
}

Warnings

Avoid apigateway:* — grants full control including creating, updating, and deleting APIs and their configurations.
Avoid apigateway:DeletePortal — allows deletion of portals, causing loss of API configurations.

Resources

AWS referenceservicereference.us-east-1.amazonaws.com/v1/apigateway/apigateway.json ↗

API

full doc /v1/iam/apigateway