AWS apigateway documentation change
Summary
Added clarification about authorization workflow consistency with custom domain names for private APIs
Security assessment
Documentation improvement about workflow consistency, no security implications or feature additions
Diff
diff --git a/apigateway/latest/developerguide/apigateway-authorization-flow.md b/apigateway/latest/developerguide/apigateway-authorization-flow.md index ae8bfe3c3..4a428170c 100644 --- a//apigateway/latest/developerguide/apigateway-authorization-flow.md +++ b//apigateway/latest/developerguide/apigateway-authorization-flow.md @@ -63 +63 @@ In this workflow, a Lambda authorizer is configured for the API in addition to a -The following example resource policy allows calls only from the VPC endpoint whose VPC endpoint ID is ``vpce-1a2b3c4d``. During the "pre-auth" evaluation, only the calls coming from the VPC endpoint indicated in the example are allowed to move forward and evaluate the Lambda authorizer. All remaining calls are blocked. +The following example resource policy allows calls only from the VPC endpoint whose VPC endpoint ID is ``vpce-1a2b3c4d``. During the "pre-auth" evaluation, only the calls coming from the VPC endpoint indicated in the example are allowed to move forward and evaluate the Lambda authorizer. All remaining calls are blocked. This authorization workflow is the same if you use a custom domain name for a private API.