AWS Security ChangesHomeSearch

AWS apigateway documentation change

Service: apigateway · 2025-04-23 · Documentation low

File: apigateway/latest/developerguide/websocket-api-protect.md

Summary

Added documentation on protecting WebSocket APIs using SSL certificates and throttling, with a link to SSL configuration guide.

Security assessment

The change introduces information about using SSL certificates and throttling as security features for WebSocket API protection. While these are security-related topics, the update does not address a specific vulnerability but rather documents existing security capabilities.

Diff

diff --git a/apigateway/latest/developerguide/websocket-api-protect.md b/apigateway/latest/developerguide/websocket-api-protect.md
index 191fbbca1..1e7bc3718 100644
--- a//apigateway/latest/developerguide/websocket-api-protect.md
+++ b//apigateway/latest/developerguide/websocket-api-protect.md
@@ -8,0 +9,2 @@ Account-level throttling per RegionRoute-level throttling
+API Gateway provides a number of ways to protect your API from certain threats, like malicious users or spikes in traffic. You can protect your API using strategies like generating SSL certificates or setting throttling targets. For more information about generating SSL certificates, see [Generate and configure an SSL certificate for backend authentication in API Gateway](./getting-started-client-side-ssl-authentication.html). The rest of this section covers setting throttling targets.
+