AWS Security ChangesHomeSearch

AWS apigateway documentation change

Service: apigateway · 2025-06-04 · Documentation low

File: apigateway/latest/developerguide/apigateway-private-custom-domains.md

Summary

Updated limitations and routing guidance to include routing rules

Security assessment

Mentions routing rules as a workaround for previous path mapping limitations. While routing configuration can affect security boundaries, the change does not directly address vulnerabilities or document security-specific features.

Diff

diff --git a/apigateway/latest/developerguide/apigateway-private-custom-domains.md b/apigateway/latest/developerguide/apigateway-private-custom-domains.md
index b8e79e154..37c553ceb 100644
--- a//apigateway/latest/developerguide/apigateway-private-custom-domains.md
+++ b//apigateway/latest/developerguide/apigateway-private-custom-domains.md
@@ -53 +53 @@ You might need to modify your IAM permissions to allow access to a private domai
-  * Multi-level base path mapping, such as mapping your private API to `/developers/feature`, isn't supported.
+  * Multi-level base path mapping, such as mapping your private API to `/developers/feature`, isn't supported, but you can use a routing rule to create a multi-level path condition. For more information, see [Send traffic to your APIs through your custom domain name in API Gateway](./rest-api-routing-mode.html).
@@ -68 +68 @@ The following considerations might impact how you use private custom domain name
-  * You can't map a public API to a private custom domain name.
+  * You can't send traffic from a private custom domain name to a public API.