Risk Level: High
Cloud Entity: Amazon API Gateway
CloudGuard Rule ID: D9.AWS.NET.68
Covered by Spectral: No
Category: Networking & Content Delivery
ApiGateway should not have resources contain-any [ methods contain-any [ requestValidatorId isEmpty() ] ]
Use following steps to enable a request validator on a method.
- Sign in to the API Gateway console.
- Choose the relevant API.
- Select the method which has no validation.
- Click 'Method Request'.
- Choose the pencil icon of Request Validator under Settings.
- Choose validation option from the Request Validator drop-down list. Then choose the check mark icon to save your choice.
Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. With a few clicks in the AWS Management Console, you can create REST and WebSocket APIs that act as a ï¿½ï¿½ï¿½front doorï¿½ï¿½ï¿½ for applications to access data, business logic, or functionality from your backend services, such as workloads running on Amazon Elastic Compute Cloud (Amazon EC2), code running on AWS Lambda, any web application, or real-time communication a
- AWS CloudGuard Best Practices
- AWS CloudGuard SOC2 based on AICPA TSC 2017
- AWS HITRUST
- AWS HITRUST v11.0.0
- AWS ITSG-33
- AWS MITRE ATT&CK Framework v10
- AWS MITRE ATT&CK Framework v11.3
- CloudGuard AWS All Rules Ruleset
Updated 3 months ago