API Gateway Client Certificate is Disabled

Overview

Checks whether the API Gateway Stage has client certificates enabled for accessing your backend endpoint. API Gateways support the use of client certificates for specific APIs and stages. These allow you to ensure that connections to your internal API endpoints only come from the gateway, protects against possible man in the middle attacks and other similar risks.

Vendor

AWS

Cloud Service

API Gateway

APIGateway.2

References

https://docs.aws.amazon.com/apigateway/latest/api/API_RestApi.html, https://docs.aws.amazon.com/apigateway/latest/api/API_Stage.html

Severity

Item Types

AWS::ApiGateway::RestApi

Overview​

Vendor​

Cloud Service​

Related Controls​

References​

Severity​

Item Types​