This topic describes the scenario of using the API Gateway-EventBridge service-linked role AliyunServiceRoleForApigatewayPutEventsToEventBridge and how to delete the service-linked role.
Background
The API Gateway-EventBridge service-linked role AliyunServiceRoleForApigatewayPutEventsToEventBridge is a RAM role provided by API Gateway to upload events to your event bus. For more information, see the topics about service-linked roles.
Scenarios
When you create a backend service of the EventBridge type, API Gateway prompts you to create the AliyunServiceRoleForApigatewayPutEventsToEventBridge service-linked role. When you create and call APIs that use the backend service, API Gateway uses this service-linked role to obtain the permissions to upload events to your event bus.
Role description
Role name: AliyunServiceRoleForApigatewayPutEventsToEventBridge Policy attached to the role: AliyunServiceRolePolicyForApigatewayPutEventsToEventBridge Policy content:
{
"Version": "1",
"Statement": [
{
"Effect": "Allow",
"Action": "eventbridge:PutEvents",
"Resource": "*"
}
]
}Delete the AliyunServiceRoleForGwsDiskEncryption role
If you want to delete the AliyunServiceRoleForApigatewayPutEventsToEventBridge service-linked role, you must first delete the backend services and APIs that depend on the service-linked role. Procedure:
Log on to the API Gateway console. In the left-side navigation pane, choose Manage APIs > Backend Services.
On the Backend Services page, find the backend service that you want to manage and click Delete in the Actions column. You can search for an EventBridge backend service by using the Type column.
Log on to the RAM console. In the left-side navigation pane, choose Identities >
Roles. Find theAliyunServiceRoleForApigatewayPutEventsToEventBridgerole and click Delete in the Actions column.