How can I disable the API Gateway default endpoint for REST or HTTP APIs?
Last updated: 2022-08-26
I want to allow clients to invoke my APIs only using the custom domain name. How can I deactivate the default API execute-api endpoint URL for Amazon API Gateway REST or HTTP APIs?
Short description
API Gateway REST APIs and HTTP APIs use a default API endpoint in the following format: "https://{api_id}.execute-api.{region}.amazonaws.com". If you use a custom domain name for your API Gateway REST or HTTP APIs, you can deactivate the default endpoint. This allows all traffic to route to your APIs through the custom domain name.
Resolution
Follow these steps to disable the default endpoint using the API Gateway console, AWS Command Line Interface (AWS CLI), or AWS CloudFormation.
Note:
- If you receive errors when running AWS CLI commands, make sure that you’re using the most recent version of the AWS CLI.
- After you activate or deactivate the default endpoint, a deployment is required for the update to take effect.
API Gateway console
REST API
- Open the API Gateway console.
- In the navigation pane, choose APIs, and then choose your REST API.
- In the navigation pane, choose Settings.
- For the Default Endpoint, choose Disabled, and then choose Save Changes.
- In the navigation pane, choose Resources, Actions, and then choose Deploy API.
HTTP API
- Open the API Gateway console.
- In the navigation pane, choose APIs, and then choose your HTTP API.
- In the navigation pane, choose Settings.
- For the Default Endpoint, choose Disabled, and then choose Save Changes.
- In the navigation pane, choose Resources, Actions, and then choose Deploy API.
AWS CLI
REST API
Run the AWS CLI command update-rest-api similar to the following:
aws apigateway update-rest-api --rest-api-id abcdef123 --patch-operations op=replace,path=/disableExecuteApiEndpoint,value='True'
To deploy the updated API, run the AWS CLI command create-deployment similar to the following
aws apigateway create-deployment --rest-api-id abcdef123 --stage-name dev
Note: Replace api_id abcdef123 and stage_name dev with your REST API ID and respective stage.
HTTP API
Run the AWS CLI command update-api similar to the following:aws apigatewayv2 update-api --api-id abcdef123 --disable-execute-api-endpoint
To deploy the updated API, run the AWS CLI command create-deployment similar to the following:
aws apigatewayv2 create-deployment --api-id abcdef123 --stage-name dev
Note: Replace api_id abcdef123 and stage_name dev with your HTTP API ID and respective stage.
CloudFormation template
To disable the default endpoint from a CloudFormation template, you can set the DisableExecuteApiEndpoint parameter to True. Update the CloudFormation template for REST API or HTTP API.
Important: Disabling the default endpoint results in HTTP 403 Forbidden errors if the API is invoked using the default endpoint URL.
Related information
Did this article help?
Do you need billing or technical support?