AWS API Gateway Domain does not use a modern security policy
Description
AWS API Gateway Domain allows you to set the security policy. Using TLS 1_0 allows you to use insecure cypher suites.
Remediation
. In the AWS console, go to API Gateway.
. Select Custom Domain Names.
. Select the domain name to update and then Edit.
. For Minimum TLS version, select TLS 1.2.
. Select Save. === Fix - Buildtime
Terraform
resource "aws_api_gateway_domain_name" "example" {
...
... }
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0254 |
| Severity | LOW |
| IaC Type | Terraform |
| Frameworks | Terraform |
| Checkov ID | CKV_AWS_206 |