Amazon API Gateway Supports Cross-Account AWS Lambda Authorizers and Integrations

Posted on: Apr 2, 2018

You can now use an AWS Lambda function from a different AWS account as the Lambda Authorizer or Integration backend for your Amazon API Gateway API Methods. This allows for better management and security controls when working across different teams that may have their own AWS accounts.

Previously, you could only use AWS Lambda functions from the same account as API Gateway as a Lambda Authorizer or Integration backend.

The AWS Lambda Authorizer is a Lambda function used to control access to your API. The AWS Lambda Authorizer uses bearer token authentication strategies such as OAuth or SAML. With cross-account Lambda authorizers, you can create a central authorization function that can be used across multiple Amazon API Gateway APIs. Visit our documentation to learn more about Lambda Authorizers.

You can now also use an AWS Lambda function from a different AWS account as your API integration backend. This makes it easy to centrally manage and share the AWS Lambda Integration function across multiple APIs. For more information about cross-account Lambda integrations in Amazon API Gateway, visit our documentation.

You can use the AWS SDKs or the AWS CLI to enable cross-account access for a Lambda function so that it can be used as a Lambda Authorizer or Integration in Amazon API Gateway.
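Cross-account access of this kind is granted through the Lambda function's resource-based policy, so the account that owns a shared authorizer should check how narrowly each grant to API Gateway is scoped. The following is an added example, not part of the AWS announcement: it audits a policy document offline, and the account ids, API id, function name and trusted-account list are constructed for illustration.

```python
import json

APIGW = "apigateway.amazonaws.com"

# Constructed sample: policy on a function in account 222222222222, in the
# shape returned by Lambda get-policy. All ids and names are made up.
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "scoped-authorizer", "Effect": "Allow",
     "Principal": {"Service": APIGW}, "Action": "lambda:InvokeFunction",
     "Resource": "arn:aws:lambda:us-east-1:222222222222:function:central-auth",
     "Condition": {"ArnLike": {"AWS:SourceArn":
         "arn:aws:execute-api:us-east-1:111111111111:a1b2c3d4e5/authorizers/abc123"}}},
    {"Sid": "no-condition", "Effect": "Allow",
     "Principal": {"Service": APIGW}, "Action": "lambda:InvokeFunction",
     "Resource": "arn:aws:lambda:us-east-1:222222222222:function:central-auth"},
    {"Sid": "any-api", "Effect": "Allow",
     "Principal": {"Service": APIGW}, "Action": "lambda:InvokeFunction",
     "Resource": "arn:aws:lambda:us-east-1:222222222222:function:central-auth",
     "Condition": {"ArnLike": {"AWS:SourceArn":
         "arn:aws:execute-api:us-east-1:111111111111:*/*"}}},
]})

def _as_list(value):
    return value if isinstance(value, list) else [value]

def audit_policy(policy_json, trusted_accounts):
    """Return (sid, finding) pairs for over-broad API Gateway invoke grants."""
    findings = []
    for st in json.loads(policy_json).get("Statement", []):
        principal = st.get("Principal", {})
        services = _as_list(principal.get("Service", [])) if isinstance(principal, dict) else []
        if st.get("Effect") != "Allow" or APIGW not in services:
            continue  # not a grant to the API Gateway service principal
        sid = st.get("Sid", "<no-sid>")
        arns = [arn for op, cond in st.get("Condition", {}).items()
                if op in ("ArnLike", "ArnEquals")
                for key, val in cond.items() if key.lower() == "aws:sourcearn"
                for arn in _as_list(val)]
        if not arns:  # grant is not tied to any particular API or account
            findings.append((sid, "no AWS:SourceArn condition"))
        for arn in arns:
            parts = arn.split(":", 5)  # arn:aws:execute-api:region:account:api/...
            if len(parts) < 6 or parts[2] != "execute-api":
                findings.append((sid, "source is not an execute-api ARN"))
            elif parts[4] not in trusted_accounts:
                findings.append((sid, "untrusted source account " + parts[4]))
            elif "*" in parts[5].split("/", 1)[0]:
                findings.append((sid, "wildcard API id"))
    return findings
```

Calling `audit_policy(SAMPLE_POLICY, {"111111111111"})` flags the `no-condition` and `any-api` statements and passes the grant scoped to a single authorizer.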

Cross-Account AWS Lambda Authorizers and Integrations for Amazon API Gateway is available in all regions where API Gateway is available. For more information on where Amazon API Gateway is available, see the AWS region table. Please visit our product page for more information about Amazon API Gateway.