Ensure Serverless Framework API Endpoint Config Is Private

Serverless Framework Function is a way of running code without provisioning or managing servers.
EndpointType is a property that defines how the function is exposed to the internet.
You can set endpointType to 'PRIVATE' to make the function only accessible within your virtual network, so it can help you improve your function's security, performance, and reliability by reducing exposure to external threats and network threats latency.

Risk Level: medium
Platform: AWS Serverless
Spectral Rule ID: SLFW008


in provider Set endpointType to 'PRIVATE'

service: my-service
frameworkVersion: '2'
  name: aws
- endpointType: REGIONAL
+ endpointType: PRIVATE

Read more: