Serverless API Cache Cluster Disabled

• Query id: 60a05ede-0a68-4d0d-a58f-f538cf55ff79
• Query name: Serverless API Cache Cluster Disabled
• Platform: CloudFormation
• Severity: Low
• Category: Insecure Configurations
• URL: Github

Description

AWS Serverless API should have cache clustering enabled
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - yaml file

AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: AWS SAM template with a simple API definition
Resources:
  ApiGatewayApi:
    Type: AWS::Serverless::Api
    Properties:
      StageName: prod
      TracingEnabled: true

Positive test num. 2 - yaml file

AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: AWS SAM template with a simple API definition
Resources:
  ApiGatewayApi2:
    Type: AWS::Serverless::Api
    Properties:
      StageName: prod
      TracingEnabled: true
      CacheClusterEnabled: false

Code samples without security vulnerabilities

Negative test num. 1 - yaml file

AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: AWS SAM template with a simple API definition
Resources:
  ApiGatewayApi3:
    Type: AWS::Serverless::Api
    Properties:
      StageName: prod
      TracingEnabled: true
      CacheClusterEnabled: true