AWS Appsync API Cache is not encrypted in transit

Description

This policy identifies the AWS Appsync API that are configured with disabled in-transit data encryption. It is recommended that these resources will be configured with in-transit data encryption to minimize risk for sensitive data being leaked.

Code Example

resource "aws_appsync_api_cache" "pass" {
  api_id                     = aws_appsync_graphql_api.default.id
  transit_encryption_enabled = true
  at_rest_encryption_enabled = true
  ttl                        = 60
  type                       = "SMALL"
  api_caching_behavior       = "FULL_REQUEST_CACHING"
}

Remediation

Terraform

Rule Details

Field	Value
ID	IAC-0263
Severity	LOW
IaC Type	Terraform
Frameworks	Terraform
Checkov ID	CKV_AWS_215

References

Checkov Rule

Overview

SAST (Application Security)

SCA (Dependencies)

Secrets Detection

IaC Security

License Compliance

SAST Rules

IaC Rules

License Rules

AWS Appsync API Cache is not encrypted in transit

Description

Code Example

Remediation

Rule Details

References

SAST Rules

IaC Rules

License Rules

AWS Appsync API Cache is not encrypted in transit ​

Description ​

Code Example ​

Remediation ​

Rule Details ​

References ​

AWS Appsync API Cache is not encrypted in transit

Description

Code Example

Remediation

Rule Details

References