Skip to main content
Feedback

Using Policies with Gateway APIs

To use a policy with your API via APIs, you must:

  1. Create a DeployedApiPolicyRule that specifies the rule to use, configuration for the rule, and the HTTP methods of the requests that the rule should be applied to. After you have created a DeployedAPIPolicyRule you can modify, delete, or query it.

    note

    The DeployedApiPolicyRule is not specific to an API. After it is created, it can be assigned to one or more APIs. GraphQL APIs are provided for creating DeployedApiPolicyRule, querying existing DeployedApiPolicyRules, and assigning a DeployedApiPolicyRule to a deployment. Each GraphQL request must include a X-Account header, the value of the header is the user’s account identifier.

  2. Assign the DeployedApiPolicyRule to your API deployed on an API Gateway.