fix(apigw): Update metadata for API GW checks (#2512)

Nacho Rivera
2023-06-20 09:22:00 +02:00
committed by GitHub
parent be497f7083
commit b75a5050d7
2 changed files with 7 additions and 7 deletions


@@ -21,8 +21,8 @@
"Terraform": "https://docs.bridgecrew.io/docs/bc_aws_logging_30#cloudformation"
},
"Recommendation": {
"Text": "Implement Amazon Cognito or a Lambda function to control access to your API.",
"Url": "https://docs.aws.amazon.com/apigatewayv2/latest/api-reference/apis-apiid-authorizers.html"
"Text": "Monitoring is an important part of maintaining the reliability, availability and performance of API Gateway and your AWS solutions. You should collect monitoring data from all of the parts of your AWS solution. CloudTrail provides a record of actions taken by a user, role, or an AWS service in API Gateway. Using the information collected by CloudTrail, you can determine the request that was made to API Gateway, the IP address from which the request was made, who made the request, etc.",
"Url": "https://docs.aws.amazon.com/apigateway/latest/developerguide/security-monitoring.html"
}
},
"Categories": [],
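Review bot: The new `Recommendation.Text` explains what CloudTrail records but never says what to enable, and the neighbouring `Terraform` link (`bc_aws_logging_30`) suggests this check is about stage access logging; the file name and CheckID are not visible in this section, so that should be confirmed. If it is, the text should lead with the remediation, for example `"Text": "Enable access logging on each API Gateway V2 stage and send the logs to CloudWatch Logs; use CloudTrail in addition to audit configuration changes."`. Access logs and CloudTrail cover different events, so a reader who follows only the CloudTrail advice could still leave the check failing. The `Remediation` object begins above this hunk.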


@@ -1,7 +1,7 @@
{
"Provider": "aws",
"CheckID": "apigatewayv2_authorizers_enabled",
"CheckTitle": "Checks if API Gateway V2 has Access Logging enabled.",
"CheckTitle": "Checks if API Gateway V2 has configured authorizers.",
"CheckType": [
"Logging and Monitoring"
],
@@ -10,8 +10,8 @@
"ResourceIdTemplate": "arn:partition:service:region:account-id:resource-id",
"Severity": "medium",
"ResourceType": "AwsApiGatewayV2Api",
"Description": "Checks if API Gateway V2 has Access Logging enabled.",
"Risk": "If not enabled the logging of API calls is not possible. This information is important for monitoring API access.",
"Description": "Checks if API Gateway V2 has configured authorizers.",
"Risk": "If no authorizer is enabled anyone can use the service.",
"RelatedUrl": "",
"Remediation": {
"Code": {
@@ -21,8 +21,8 @@
"Terraform": ""
},
"Recommendation": {
"Text": "Enable Access Logging in the API stage.",
"Url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-stage-accesslogsettings.html"
"Text": "Implement Amazon Cognito or a Lambda function to control access to your API",
"Url": "https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-use-lambda-authorizer.html"
}
},
"Categories": [],
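Review bot: `CheckType` in the first hunk still reads `"Logging and Monitoring"` although the title, description and risk now describe an authorizer (access-control) check, so findings would be grouped under the wrong category; it should be set to whichever type the project uses for access-control checks. In the last hunk the new `Recommendation.Url` points at the Lambda authorizer page for REST APIs, while the check's `ResourceType` is `AwsApiGatewayV2Api`; a page covering access control for V2 APIs would match the check better. The `Risk` text could also state what is exposed, e.g. `"Risk": "Without an authorizer, routes can be invoked by unauthenticated callers unless access is restricted by another mechanism."`.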