AWS apigateway documentation change
Summary
Added clarification about private domain name ARN formats and IAM permission considerations.
Security assessment
Clarifies IAM requirements for private domain access, which relates to security configuration. No evidence of addressing a specific vulnerability, but improves security documentation.
Diff
diff --git a/apigateway/latest/developerguide/apigateway-private-custom-domains.md b/apigateway/latest/developerguide/apigateway-private-custom-domains.md index 6808264b0..b8e79e154 100644 --- a//apigateway/latest/developerguide/apigateway-private-custom-domains.md +++ b//apigateway/latest/developerguide/apigateway-private-custom-domains.md @@ -36,0 +37,4 @@ The following considerations might impact your use of private custom domain name + * The private custom domain name ARN contains the `account-id`. When you create a domain name, API Gateway uses the ARN format of `arn:`partition`:apigateway:`region`::/domainnames`. When you access a private custom domain name, you use the ARN format of `arn:`partition`:apigateway:`region`:`account-id`:/domainnames/domain-name`. + +You might need to modify your IAM permissions to allow access to a private domain name after you create it. +