Loading controls...
Benchmark: API Gateway
Description
This section contains recommendations for configuring API Gateway resources.
Usage
Browse dashboards and select API Gateway:
steampipe dashboardOr run the benchmarks in your terminal:
steampipe check aws_compliance.benchmark.all_controls_apigatewaySnapshot and share results via Steampipe Cloud:
steampipe loginsteampipe check --share aws_compliance.benchmark.all_controls_apigatewayControls
- API Gateway REST API public endpoints should be configured with authorizer
- API Gateway routes should specify an authorization type
- API Gateway V2 authorizer should be configured
- API Gateway stages should have authorizers configured
- API Gateway REST API endpoint type should be configured to private
- API Gateway stage should uses SSL certificate
- API Gateway REST API stages should have AWS X-Ray tracing enabled
- API Gateway stage cache encryption at rest should be enabled
- API Gateway stage logging should be enabled
- API Gateway stage should be associated with waf
- Access logging should be configured for API Gateway V2 Stages