All Products
Search
Document Center

Cloud Config:Enable IPv4 access control and set a valid access control list for an API Gateway instance

Last Updated:Jun 23, 2026

An API Gateway instance is compliant if IPv4 access control is enabled with a valid access control list.

Scenarios

Checks whether an API Gateway instance has IPv4 access control enabled with a valid access control list, preventing unauthorized IP access and improving API security.

Risk level

Default risk level: Medium.

You can change the risk level as needed.

Detection logic

  • An API Gateway instance is compliant if it has IPv4 access control enabled and a valid access control list is set.

Rule details

Parameter

Description

Rule name

Enable IPv4 access control and set a valid access control list for an API Gateway instance

Rule identifier

apigateway-ipv4-public-access-check

Tag

ApiGateway

Automatic remediation

Not supported

Rule trigger

Periodic

Trigger frequency

24 hours

Supported resource types

ACS::ApiGateway::Instance

Input parameters

None

Remediation

To remediate a non-compliant resource, see Use instance access control policy groups to implement access control.