Disable the default endpoint for REST APIs - Amazon API Gateway
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Disable the default endpoint for REST APIs

By default, clients can invoke your API by using the execute-api endpoint that API Gateway generates for your API. To ensure that clients can access your API only by using a custom domain name, disable the default execute-api endpoint. Clients can still connect to your default endpoint, but they will receive a 403 Forbidden status code. When you disable the default endpoint, it affects all stages of an API.

The following procedure shows how to disable the default endpoint for a REST API.

Amazon Web Services Management Console

  1. Sign in to the API Gateway console at https://console.amazonaws.cn/apigateway.

  2. Choose a REST API.

  3. On the main navigation pane, choose API settings.

  4. Choose an API.

  5. On API details, choose Edit.

  6. For Default endpoint, select Inactive.

  7. Choose Save changes.

  8. On the main navigation pane, choose Resources.

  9. Choose Deploy API.

  10. Redeploy your API or create a new stage for the change to take effect.

Amazon CLI

The following update-rest-api command shows how to disable the default endpoint: 

aws apigateway update-rest-api \
    --rest-api-id abcdef123 \
    --patch-operations op=replace,path=/disableExecuteApiEndpoint,value='True'

After you disable the default endpoint, you must deploy your API for the change to take effect.

The following create-deployment command creates a deployment:

aws apigateway create-deployment \
    --rest-api-id abcdef123 \
    --stage-name dev