Risk Level: High
Cloud Entity: Amazon API Gateway
CloudGuard Rule ID: D9.AWS.NET.68
Covered by Spectral: No
Category: Networking & Content Delivery

GSL LOGIC

ApiGateway should not have resources contain-any [ methods contain-any [ requestValidatorId isEmpty() ] ]

REMEDIATION

From Portal:
Use following steps to enable a request validator on a method.

Sign in to the API Gateway console.
Choose the relevant API.
Select the method which has no validation.
Click 'Method Request'.
Choose the pencil icon of Request Validator under Settings.
Choose validation option from the Request Validator drop-down list. Then choose the check mark icon to save your choice.

References:

Amazon API Gateway

Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. With a few clicks in the AWS Management Console, you can create REST and WebSocket APIs that act as a "front door" for applications to access data, business logic, or functionality from your backend services, such as workloads running on Amazon Elastic Compute Cloud (Amazon EC2), code running on AWS Lambda, any web application, or real-time communication a

Compliance Frameworks

AWS CloudGuard Best Practices
AWS CloudGuard SOC2 based on AICPA TSC 2017
AWS HITRUST
AWS HITRUST v11.0.0
AWS ITSG-33
AWS MITRE ATT&CK Framework v10
AWS MITRE ATT&CK Framework v11.3
CloudGuard AWS All Rules Ruleset