All Products
Search

This Product

    API Gateway:API Gateway-EventBridge service-linked role

    Document Center

    API Gateway:API Gateway-EventBridge service-linked role

    Last Updated:Feb 27, 2026

    API Gateway uses the service-linked role AliyunServiceRoleForApigatewayPutEventsToEventBridge to publish events to your event bus in EventBridge. A service-linked role is a RAM role that a cloud service automatically creates and manages on your behalf with predefined permissions. For more information about service-linked roles, see the topics about service-linked roles in the RAM documentation.

    Role details

    PropertyValue
    Role nameAliyunServiceRoleForApigatewayPutEventsToEventBridge
    Role typeService-linked role (RAM role)
    Attached policyAliyunServiceRolePolicyForApigatewayPutEventsToEventBridge

    Policy content:

    The attached policy grants API Gateway permission to call the eventbridge:PutEvents action on all EventBridge resources. This allows API Gateway to publish events to any event bus in your account.

    {
  "Version": "1",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "eventbridge:PutEvents",
      "Resource": "*"
    }
  ]
}

    When the role is created

    When you create a backend service of the EventBridge type, API Gateway prompts you to create the AliyunServiceRoleForApigatewayPutEventsToEventBridge service-linked role. After the role is created, API Gateway uses it to obtain the permissions required to publish events to your event bus whenever you create and call APIs that use the EventBridge backend service.

    Delete the AliyunServiceRoleForApigatewayPutEventsToEventBridge role

    Before you can delete the AliyunServiceRoleForApigatewayPutEventsToEventBridge service-linked role, you must first delete all backend services and APIs that depend on it. After you remove the dependent resources, you can delete the role from the RAM console.

    Step 1: Delete the dependent backend services

    1. Log on to the API Gateway console.

    2. In the left-side navigation pane, choose Manage APIs > Backend Services.

    3. On the Backend Services page, use the Type column to filter for EventBridge backend services.

    4. Find the backend service that you want to delete and click Delete in the Actions column.

    5. Repeat the previous step for each EventBridge backend service that you want to remove.

    Step 2: Delete the role

    1. Log on to the RAM console.

    2. In the left-side navigation pane, choose Identities > Roles.

    3. Find the AliyunServiceRoleForApigatewayPutEventsToEventBridge role and click Delete in the Actions column.

    Related information