API Gateway Endpoint Config is Not Private
- Query id: 559439b2-3e9c-4739-ac46-17e3b24ec215
- Query name: API Gateway Endpoint Config is Not Private
- Platform: Ansible
- Severity: Medium
- Category: Networking and Firewall
- URL: Github
Description¶
The API Endpoint type in API Gateway should be set to PRIVATE so it's not exposed to the public internet
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - yaml file
- name: Setup AWS API Gateway setup on AWS and deploy API definition
community.aws.aws_api_gateway:
swagger_file: my_api.yml
stage: production
cache_enabled: true
cache_size: '1.6'
tracing_enabled: true
endpoint_type: EDGE
state: present