AWS API Gateway can be configured for IAM authentication and authorization. Specific policies can be used for specific actions and resources to secure an API. For more information, see the AWS documentation.
References:
https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html
In AWS Console -
In Terraform -
There are additional methods for securing access to an API Gateway. For more information, see the AWS or Terraform documentation.
References:
https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-control-access-to-api.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_method