Posted On: May 23, 2019

Amazon API Gateway now offers tag-based access control using AWS Identity and Access Management (IAM) policies, allowing you to set more fine-grained access controls for all API Gateway resources. Tags are simple key-value pairs that you can define on API Gateway resources to categorize them by purpose, owner, or other criteria. 

Previously, API Gateway supported tags on Stages for getting more visibility into costs. With tagging support for all top-level API Gateway resources, we also enabled you to create policies based on those tags to give permissions at various levels. For example, you can give full access to admins and limited access to developers. To see the complete list of top-level API Gateway resources and to learn more about how to use tags to control access, read our documentation.

You can tag API Gateway resources using the API Gateway Management Console, AWS CLI, or AWS SDK. For more information about API Gateway, visit the product page. Tag-based access control is available in all regions where API Gateway is available. To see all regions where API Gateway is available, see the AWS region table.