Control: AWS > API Gateway > VPC Link V2 > Allowed > Region

Take an action when an AWS API Gateway vpc link v2 is created in a region that is not allowed.

The Allowed > Region control checks if the vpc link v2 is created in an allowed region based on the Allowed > Region > * policies. If the vpc link v2 is created in a region that is not in the allowed list, this control raises an alarm and takes the defined enforcement action.

For any enforcement actions that specify if new, e.g., Enforce: Delete if region not allowed and vpc link v2 is new, this control will only take the enforcement actions for resources created within the last 60 minutes.

Resource Types

This control targets the following resource types:

AWS > API Gateway > VPC Link V2

Policies

The following policies can be used to configure this control:

AWS > API Gateway > VPC Link V2 > Allowed > Region

This control type relies on these other policies when running actions:

AWS > API Gateway > VPC Link V2 > Allowed > Region > Regions

Permissions

Cloud permissions used by this control and its actions:

apigatewayv2:DeleteVpcLink

In Your Workspace

Developers

Control Type URI

tmod:@turbot/aws-apigateway#/control/types/vpcLinkV2AllowedRegion

Category URI

tmod:@turbot/turbot#/control/categories/resourceAllowed

GraphQL

query controlType(id: "tmod:@turbot/aws-apigateway#/control/types/vpcLinkV2AllowedRegion") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/aws-apigateway#/control/types/vpcLinkV2AllowedRegion'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-apigateway#/control/types/vpcLinkV2AllowedRegion"