API Gateway has endpoint not private

ID

aws_api_gateway_endpoint_private

Severity

low

Vendor

AWS

Resource

Network

Tags

asvs50-v13.1.1, reachable

Description

The API Gateway endpoint is not private, so it is exposed to the public internet.

To fix it, set endpoint_type to PRIVATE.

Learn more about this topic at AWS API Gateway private.

Examples

---
- name: Example playbook
  hosts: localhost
  tasks:
    - name: API Gateway
      community.aws.api_gateway:
        swagger_file: my_api.yml
        stage: production
        cache_enabled: true
        cache_size: '1.6'
        tracing_enabled: true
        endpoint_type: EDGE
        state: present

Mitigation / Fix

---
- name: Example playbook
  hosts: localhost
  tasks:
    - name: API Gateway
      community.aws.api_gateway:
        swagger_file: my_api.yml
        stage: production
        cache_enabled: true
        cache_size: '1.6'
        tracing_enabled: true
        endpoint_type: PRIVATE
        state: present
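
A sketch of how this rule can be checked over a parsed playbook, added here as an example and not the scanner's own implementation. The function names and the sample data are assumptions. It also flags a task that omits endpoint_type, because community.aws.api_gateway defaults that option to EDGE, and it reports templated values for manual review.

```python
# Static check for this rule over a parsed playbook (all names are assumptions).
MODULE_NAMES = {"community.aws.api_gateway", "api_gateway"}
NESTED_KEYS = ("block", "rescue", "always")  # task lists nested inside a block
PLAY_TASK_KEYS = ("pre_tasks", "tasks", "post_tasks", "handlers")

def _walk_tasks(tasks):
    """Yield every task, descending into block/rescue/always sections."""
    for task in tasks or []:
        if isinstance(task, dict):
            yield task
            for key in NESTED_KEYS:
                yield from _walk_tasks(task.get(key))

def find_non_private_gateways(plays):
    """Return (task name, reason) for each api_gateway task that is not PRIVATE."""
    findings = []
    for play in plays or []:
        for key in PLAY_TASK_KEYS:
            for task in _walk_tasks(play.get(key)):
                for module in MODULE_NAMES & task.keys():
                    args = task[module] if isinstance(task[module], dict) else {}
                    if args.get("state", "present") == "absent":
                        continue  # the task deletes the API, nothing is exposed
                    name = task.get("name", "<unnamed>")
                    if "endpoint_type" not in args:
                        # The module default is EDGE, so an omitted key is public.
                        findings.append((name, "endpoint_type omitted (defaults to EDGE)"))
                        continue
                    value = str(args["endpoint_type"])
                    if "{{" in value:
                        findings.append((name, "endpoint_type is templated, review manually"))
                    elif value != "PRIVATE":
                        findings.append((name, f"endpoint_type is {value}"))
    return findings

# Constructed sample: the structure yaml.safe_load() returns for a playbook like those above.
SAMPLE_PLAYS = [{
    "name": "Example playbook", "hosts": "localhost",
    "tasks": [
        {"name": "edge api", "community.aws.api_gateway": {"endpoint_type": "EDGE"}},
        {"name": "private api", "community.aws.api_gateway": {"endpoint_type": "PRIVATE"}},
        {"name": "guarded", "block": [
            {"name": "default api", "api_gateway": {"swagger_file": "my_api.yml"}},
            {"name": "templated api", "api_gateway": {"endpoint_type": "{{ ep_type }}"}},
        ]},
    ],
}]

if __name__ == "__main__":
    print(find_non_private_gateways(SAMPLE_PLAYS))
```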