AWS GovCloud (US)
User Guide

Amazon API Gateway

The following list describes the differences for using this service in the AWS GovCloud (US) Region compared to other AWS regions:

  • At this time, the service endpoint does not support FIPS 140-2.

  • To request a custom domain for AWS GovCloud (US), open a support case. This is not currently available through the console.

  • To use the AWS CLI, you must update your service model, which can be downloaded from apigateway-regional-endpoints.json. For instructions on how to add the service model to the AWS CLI see the add-model command.

For more information about Amazon API Gateway, see the Amazon API Gateway documentation.

ITAR Boundary

The ITAR boundary defines where customers are allowed to store ITAR-regulated data for this service in the AWS GovCloud (US) Region. You must comply with the boundaries in order to maintain ITAR compliance. If you do not have any ITAR-regulated data in the AWS GovCloud (US) Region, this section does not apply to you. The following information identifies the ITAR boundary for this service:

ITAR-Regulated Data Permitted ITAR-Regulated Data Not Permitted
  • Customers’ APIs are permitted to process ITAR data

API Gateway's configuration metadata is not permitted to contain ITAR-regulated data*, including:

  • API Name

  • API Description

  • Authorizer Name

* However customers can send ITAR-regulated data through the customers’ deployed APIs, with the caveat that downstream systems need to be compliant (e.g. caching cannot be enabled on the API for any ITAR-regulated data)

On this page: