apigateway: Add resource policy for VPCE #53

@flaviostutz

Problem being solved

Configuring VPCE for APIGW might not be enough to disable invocations from other networks. We need to investigate this and create a resource policy to prevent this.

Check best practices here: https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-private-apis.html#:~:text=Restrict%20access%20to%20your%20private,can%20invoke%20your%20private%20API.

"Restrict access to your private API to specific VPCs or VPC endpoints. Add aws:SourceVpc or aws:SourceVpce conditions to your API's resource policy to restrict access."

Proposal

Create resource policy for apigw restricting access only to the configured VPCEs
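A sketch of the kind of resource policy the proposal describes, as an added example that is not part of the issue or the project's code: it builds an allow-only policy next to one with a `Deny` on `aws:SourceVpce`, and evaluates both for callers arriving through different endpoints. The function names, the endpoint IDs and the simplified evaluator (two string operators, explicit Deny wins) are assumptions made for illustration.

```python
import json

ACTION, RESOURCE = "execute-api:Invoke", "execute-api:/*"

def allow_only_policy():
    """Weak form: allows invoke with no aws:SourceVpce condition at all."""
    return {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Principal": "*", "Action": ACTION, "Resource": RESOURCE}]}

def vpce_restricted_policy(vpce_ids):
    """Proposed form: same Allow, plus a Deny for callers outside the listed VPCEs."""
    if not vpce_ids:
        raise ValueError("at least one VPC endpoint ID is required")
    policy = allow_only_policy()
    policy["Statement"].append({
        "Effect": "Deny", "Principal": "*", "Action": ACTION, "Resource": RESOURCE,
        "Condition": {"StringNotEquals": {"aws:SourceVpce": sorted(vpce_ids)}}})
    return policy

def _condition_holds(condition, context):
    for op, keys in condition.items():
        for key, values in keys.items():
            values = [values] if isinstance(values, str) else values
            actual = context.get(key)
            if op == "StringEquals":
                ok = actual in values
            elif op == "StringNotEquals":
                # Negated operators are true when the key is absent from the request.
                ok = actual is None or actual not in values
            else:
                raise NotImplementedError(op)
            if not ok:
                return False
    return True

def is_invoke_allowed(policy, source_vpce=None):
    """Explicit Deny overrides Allow; no matching Allow means denied."""
    context = {"aws:SourceVpce": source_vpce} if source_vpce else {}
    effects = {s["Effect"] for s in policy["Statement"]
               if _condition_holds(s.get("Condition", {}), context)}
    return "Allow" in effects and "Deny" not in effects

# Constructed endpoint IDs, for illustration only.
OURS, OTHER = "vpce-0aaaaaaaaaaaaaaaa", "vpce-0bbbbbbbbbbbbbbbb"

if __name__ == "__main__":
    print(json.dumps(vpce_restricted_policy([OURS]), indent=2))
    for name, pol in (("allow-only", allow_only_policy()), ("restricted", vpce_restricted_policy([OURS]))):
        print(name, {v: is_invoke_allowed(pol, v) for v in (OURS, OTHER, None)})
```

Under the allow-only policy every endpoint is accepted; with the added `Deny`, only the listed endpoint passes and a request carrying no `aws:SourceVpce` value is rejected as well.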

Labels: enhancement