
API Gateway REST API Cache Data Is Not Encrypted

Overview

This check verifies that every method in an API Gateway REST API stage that has caching enabled also has its cache data encrypted. The check fails if any method in an API Gateway REST API stage is configured to cache and the cache is not encrypted. Cloud Defense evaluates the encryption of a particular method only when caching is enabled for that method.

Encrypting data at rest reduces the risk of data stored on disk being accessed by a user not authenticated to AWS. It adds another set of access controls that limits unauthorized users' ability to access the data. For example, API permissions are required to decrypt the data before it can be read.

API Gateway REST API caches should be encrypted at rest for an added layer of security.
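
The pass/fail logic described above can be reproduced against stage data you have already exported. The following is an added example, not Cloud Defense's own code: `cachingEnabled` and `cacheDataEncrypted` are the API Gateway stage method-setting fields, while the function names, stage names and method paths are constructed for illustration.

```python
# Constructed sample shaped like the stage list returned by API Gateway's
# GetStages call. Method-path keys and stage names are illustrative only.
SAMPLE_STAGES = [
    {"stageName": "prod", "methodSettings": {
        "*/*": {"cachingEnabled": True, "cacheDataEncrypted": True},
        "orders/GET": {"cachingEnabled": True, "cacheDataEncrypted": False},
        "health/GET": {"cachingEnabled": False, "cacheDataEncrypted": False},
    }},
    {"stageName": "dev", "methodSettings": {
        "*/*": {"cachingEnabled": False},
    }},
    {"stageName": "sandbox"},  # stage with no method settings at all
]


def unencrypted_cached_methods(stage):
    """Return method paths in one stage that cache data without encryption."""
    findings = []
    for method_path, settings in sorted(stage.get("methodSettings", {}).items()):
        # Encryption is only evaluated when caching is enabled for the method.
        if not settings.get("cachingEnabled", False):
            continue
        # A missing cacheDataEncrypted key is treated as "not encrypted".
        if not settings.get("cacheDataEncrypted", False):
            findings.append(method_path)
    return findings


def evaluate_rest_api(stages):
    """Fail the REST API if any stage has a cached, unencrypted method."""
    failing = {}
    for stage in stages:
        bad = unencrypted_cached_methods(stage)
        if bad:
            failing[stage["stageName"]] = bad
    return {"status": "FAILED" if failing else "PASSED", "failing": failing}


if __name__ == "__main__":
    print(evaluate_rest_api(SAMPLE_STAGES))
```

The `health/GET` entry shows the case the overview calls out: encryption is off, but because caching is also off for that method it does not contribute to a failure.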

Vendor

AWS

Cloud Service

API Gateway

APIGateway.5

Severity

3

Item Types

AWS::ApiGateway::RestApi