AWS AWSCloudFormation documentation change
Summary
Added documentation example for creating domain name with ROUTING_RULE_ONLY routing mode including TLS 1.2 security policy
Security assessment
The change demonstrates security best practices by including TLS_1_2 security policy configuration, but does not address a specific security vulnerability. It primarily documents a new routing mode feature.
Diff
diff --git a/AWSCloudFormation/latest/TemplateReference/aws-resource-apigateway-domainname.md b/AWSCloudFormation/latest/TemplateReference/aws-resource-apigateway-domainname.md index f808347ba..6789c251e 100644 --- a//AWSCloudFormation/latest/TemplateReference/aws-resource-apigateway-domainname.md +++ b//AWSCloudFormation/latest/TemplateReference/aws-resource-apigateway-domainname.md @@ -216,0 +217,2 @@ The region-specific Amazon Route 53 Hosted Zone ID of the regional endpoint. + * Create Domain Name with routing mode ROUTING_RULE_ONLY + @@ -539,0 +542,38 @@ The following example defines the distribution and regional domain names, as wel +### Create Domain Name with routing mode ROUTING_RULE_ONLY + +The following example creates a domain name with a routing mode of `ROUTING_RULE_ONLY`. + +#### JSON + + + { + "MyDomainName": { + "Type": "AWS::ApiGateway::DomainName", + "Properties": { + "DomainName": "api.mydomain.com", + "EndpointConfiguration": { + "Types": [ + "REGIONAL" + ] + }, + "SecurityPolicy": "TLS_1_2", + "RegionalCertificateArn": "arn:aws:acm:us-east-1:111122223333:certificate/fb1b9770-a305-495d-aefb-27e5e101ff3", + "RoutingMode": "ROUTING_RULE_ONLY" + } + } + } + +#### YAML + + + MyDomainName: + Type: AWS::ApiGateway::DomainName + Properties: + DomainName: api.mydomain.com + EndpointConfiguration: + Types: + - REGIONAL + SecurityPolicy: TLS_1_2 + RegionalCertificateArn: arn:aws:acm:us-east-1:111122223333:certificate/fb1b9770-a305-495d-aefb-27e5e101ff3 + RoutingMode: ROUTING_RULE_ONLY +