API Gateway Without SSL Certificate
- Query id: b47b98ab-e481-4a82-8bb1-1ab39fd36e33
- Query name: API Gateway Without SSL Certificate
- Platform: Ansible
- Severity: Medium
- Category: Insecure Configurations
- CWE: 295
- URL: Github
Description¶
SSL Client Certificate should be enabled
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - yaml file
- name: update API
aws_api_gateway:
api_id: 'abc123321cba'
state: present
swagger_file: my_api.yml
validate_certs: no
- name: update API v1
aws_api_gateway:
api_id: 'abc123321cba'
state: present
swagger_file: my_api.yml
- name: Setup AWS API Gateway setup on AWS and deploy API definition
community.aws.aws_api_gateway:
swagger_file: my_api.yml
stage: production
cache_enabled: true
cache_size: '1.6'
tracing_enabled: true
endpoint_type: EDGE
state: present
validate_certs: no
- name: Setup AWS API Gateway setup on AWS and deploy API definition v1
community.aws.aws_api_gateway:
swagger_file: my_api.yml
stage: production
cache_enabled: true
cache_size: '1.6'
tracing_enabled: true
endpoint_type: EDGE
state: present
Code samples without security vulnerabilities¶
Negative test num. 1 - yaml file
- name: update API v2
aws_api_gateway:
api_id: abc123321cba
state: present
swagger_file: my_api.yml
validate_certs: yes
- name: Setup AWS API Gateway setup on AWS and deploy API definition v2
community.aws.aws_api_gateway:
swagger_file: my_api.yml
stage: production
cache_enabled: true
cache_size: '1.6'
tracing_enabled: true
endpoint_type: EDGE
state: present
validate_certs: yes