All Products
Search
Document Center

API Gateway:API Gateway-EventBridge service-linked role

Last Updated:Jun 12, 2024

This topic describes the scenario of using the API Gateway-EventBridge service-linked role AliyunServiceRoleForApigatewayPutEventsToEventBridge and how to delete the service-linked role.

Background

The API Gateway-EventBridge service-linked role AliyunServiceRoleForApigatewayPutEventsToEventBridge is a RAM role provided by API Gateway to upload events to your event bus. For more information, see the topics about service-linked roles.

Scenarios

When you create a backend service of the EventBridge type, API Gateway prompts you to create the AliyunServiceRoleForApigatewayPutEventsToEventBridge service-linked role. When you create and call APIs that use the backend service, API Gateway uses this service-linked role to obtain the permissions to upload events to your event bus.

Role description

Role name: AliyunServiceRoleForApigatewayPutEventsToEventBridge Policy attached to the role: AliyunServiceRolePolicyForApigatewayPutEventsToEventBridge Policy content:

{
  "Version": "1",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "eventbridge:PutEvents", 
      "Resource": "*"
    }
  ]
}

Delete the AliyunServiceRoleForGwsDiskEncryption role

If you want to delete the AliyunServiceRoleForApigatewayPutEventsToEventBridge service-linked role, you must first delete the backend services and APIs that depend on the service-linked role. Procedure:

  1. Log on to the API Gateway console. In the left-side navigation pane, choose Manage APIs > Backend Services.

  2. On the Backend Services page, find the backend service that you want to manage and click Delete in the Actions column. You can search for an EventBridge backend service by using the Type column.

  3. Log on to the RAM console. In the left-side navigation pane, choose Identities >Roles. Find the AliyunServiceRoleForApigatewayPutEventsToEventBridge role and click Delete in the Actions column.