AWS apigateway documentation change
Summary
Added requirement for policies to cover all API resources/methods when caching is enabled
Security assessment
Emphasizes the need for comprehensive policy coverage to prevent authorization gaps when caching is used, but does not address a specific disclosed vulnerability
Diff
diff --git a/apigateway/latest/developerguide/apigateway-use-lambda-authorizer.md b/apigateway/latest/developerguide/apigateway-use-lambda-authorizer.md index 6040da9de..e8f2df4b0 100644 --- a//apigateway/latest/developerguide/apigateway-use-lambda-authorizer.md +++ b//apigateway/latest/developerguide/apigateway-use-lambda-authorizer.md @@ -43 +43 @@ The following diagram shows the authorization workflow for a Lambda authorizer. -If you enable authorization caching, API Gateway caches the policy so that the Lambda authorizer function isn't invoked again. +If you enable authorization caching, API Gateway caches the policy so that the Lambda authorizer function isn’t invoked again. Ensure that your policy is applicable to all resources and methods across your API.