As the secure entry point for your applications, Oracle Cloud Infrastructure (OCI) API Gateway delivers essential benefits such as authentication, authorization, rate limiting, and request/response transformation. With your organization’s cloud footprint evolving, it’s more important than ever to have strong protections that prevent accidental changes to your API Gateway.   

We’re pleased to introduce API Gateway Resource Locking, a robust new feature that empowers you to secure and safeguard your most critical API Gateway resources against unintentional modifications or deletions.  This capability is now available in all regions and Dedicated Regions.

What is Resource Locking

Resource locking offers a unified way to protect your API gateways and related resources from accidental or intentional changes. By applying a lock, you add an extra layer of security, helping ensure that critical assets can’t be altered or removed by users or automation, even beyond standard permissions or policies.

There are two lock types available:

  1. Delete Lock: Prevents deletion but still allows authorized users to read, update, or move the API Gateway or related resources.
  2. Full Lock: Restricts all changes; authorized users can only read the API Gateway and related resources.

How it Works

Here’s how resource locking helps you secure your API Gateway resources every step of the way: 

  • Apply Locks: Administrators can apply a lock at the resource level using the CLI, SDK/API or Terraform. 
  • Block Modifications: Once locked, any delete or modify actions are blocked until the lock is removed.
  • Audit and Governance: All locking events are logged, enabling audit and compliance.

Resource Locking Use Cases

Resource locking delivers real-world value across a variety of critical scenarios, including:

  • Production Environments: Prevent accidental outages by protecting your most essential systems from unwanted API Gateway resource changes.
  • Critical API Infrastructure: Help ensure business continuity by securing the API components fundamental to your operations.
  • Regulated Industries: Simplify compliance and change management for highly regulated sectors such as finance, healthcare, and government.

Automate resource locking with your preferred language

You can now manage API Gateway resource locks programmatically using the OCI CLI, SDKs, and Terraform provider. Lock actions are fully automatable and supported across Python, Java, .NET, Go, TypeScript, Ruby, and PowerShell. 

Add resource locking protections to your gateway today

To learn more about Oracle Cloud Infrastructure’s API Gateway, see the following resources: