API Gateway Resource Policy


#1

Amazon just introduced API Gateway Resource Policy
This is fine for static authorizers eg ip whitelistings.
https://aws.amazon.com/about-aws/whats-new/2018/04/amazon-api-gateway-supports-resource-policies/

eg : https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-resource-policies-examples.html

How to apply this with serverless.yml


#2

Thanks to post this update.

My understand is, serverless framework only takes care of lambda iam role and its policy in block of provider -> iamRoleStatements

If you need manage IAM role to API Gateway, you can directly copy/paste the sample codes from your URLs to Resources block, as normal cloudformation json/yaml codes.