Cloud Security Rules

Find out if you have vulnerabilities that put you at risk

RULE	SERVICE GROUP
H API Gateway allows anonymous access	API Gateway (REST APIs)
H API Gateway cached responses are not encrypted	API Gateway (REST APIs)
H Wildcard action specified in API Gateway access policy	API Gateway (REST APIs)
M API Gateway access logging is disabled	API Gateway (REST APIs)
M API Gateway authorizer caching TTL is not configured	API Gateway (REST APIs)
M API Gateway caching is not enabled for REST APIs	API Gateway (REST APIs)
M API Gateway classic custom domain does not use secure TLS protocol version (1.2 and above)	API Gateway (REST APIs)
M API Gateway classic is not using authentication mechanisms	API Gateway (REST APIs)
M API Gateway methods metrics are not enabled	API Gateway (REST APIs)
M API Gateway Missing Rate Limiting and Throttling Controls	API Gateway (REST APIs)
M API Gateway should require API key for access	API Gateway (REST APIs)
M API Gateway X-Ray tracing is disabled	API Gateway (REST APIs)
M The API gateway will accept older TLS cipher suits	API Gateway (REST APIs)
M Wildcard principal specified in REST API access policy	API Gateway (REST APIs)