Amazon API Gateway - AWS GovCloud (US)

Amazon API Gateway

Amazon API Gateway is a fully managed service that makes it easy for developers to publish, maintain, monitor, and secure APIs at any scale. Create an API to access data, business logic, or functionality from your back-end services, such as applications running on Amazon Elastic Compute Cloud (Amazon EC2), code running on AWS Lambda, or any web application.

How Amazon API Gateway Differs for AWS GovCloud (US)

  • Amazon API Gateway edge-optimized API and edge-optimized custom domain name are not supported.

  • Amazon Route 53 Hosted Zone ID for the regional endpoint in the AWS GovCloud (US) region is Z1K6XKP9SAGWDV.

  • HTTP API private integrations aren't supported in AWS GovCloud (US-East).

  • HTTP API private integrations with AWS Cloud Map aren’t supported in AWS GovCloud (US-West).

The following region-specific API Gateway accounts are used for private integrations in GovCloud:

Region Account ID
  • us-gov-west-1

  • us-gov-east-1

  • 291049978687

  • 044865953448

Documentation for Amazon API Gateway

Amazon API Gateway documentation.

ITAR Boundary

AWS GovCloud (US) has an ITAR boundary, which defines where customers are allowed to store ITAR-controlled data for this service in AWS GovCloud (US) Regions. To maintain ITAR compliance, you must place ITAR-controlled data on the applicable part of the ITAR boundary. If you do not have any ITAR-controlled data in AWS GovCloud (US) Regions, this section does not apply to you. The following information identifies the ITAR boundary for this service:

ITAR-Regulated Data Permitted ITAR-Regulated Data Not Permitted
  • Customers’ APIs are permitted to process ITAR data

API Gateway's configuration metadata is not permitted to contain ITAR-regulated data*, including:

  • API Name

  • API Description

  • Authorizer Name

* However customers can send ITAR-regulated data through the customers’ deployed APIs, with the caveat that downstream systems need to be compliant (e.g. caching cannot be enabled on the API for any ITAR-regulated data)