AWS > API Gateway >

API Gateway Default Endpoint Disabled

HIGH

Source

CloudSploit

ID

api-gateway-default-endpoint-disabled

management console

API Gateway Default Endpoint Disabled

Ensure default execute-api endpoint is disabled for your API Gateway.

By default, clients can invoke your API by using the execute-api endpoint that API Gateway generates for your API. To ensure that clients can access your API only by using a custom domain name, disable the default execute-api endpoint.

Recommended Actions

Modify API Gateway to disable default execute-api endpoint.

Links

https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-caching.html

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.

Copyright © 2024 Aqua Security Software Ltd. Privacy Policy | Terms of Use