Ensure AWS API Gateway enables Create before Destroy
Description
Enable the create_before_destroy argument in the resource's lifecycle configuration block to avoid a possible outage when the API Gateway has to be recreated during an update.
Code Example
```diff
 resource "aws_api_gateway_rest_api" "example" {
   name = "example"
+  lifecycle {
+    create_before_destroy = true
+  }
 }
```
Remediation
CloudFormation
CloudFormation creates the new API Gateway first and then deletes the old one automatically.
Terraform
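Whether the lifecycle setting takes effect can be confirmed from the plan before it is applied. The script below is an added example, not part of the original rule page or of Checkov: it reads the JSON produced by `terraform show -json <planfile>` and flags every aws_api_gateway_rest_api that would be replaced destroy-first (actions `["delete", "create"]`); the function name and the sample plan are constructed for illustration.

```python
import json
import sys

# Constructed sample in the shape of `terraform show -json <planfile>` output,
# trimmed to the fields this check reads.
SAMPLE_PLAN = json.loads("""
{
  "resource_changes": [
    {"address": "aws_api_gateway_rest_api.legacy",
     "type": "aws_api_gateway_rest_api",
     "change": {"actions": ["delete", "create"]}},
    {"address": "aws_api_gateway_rest_api.example",
     "type": "aws_api_gateway_rest_api",
     "change": {"actions": ["create", "delete"]}},
    {"address": "aws_api_gateway_rest_api.renamed",
     "type": "aws_api_gateway_rest_api",
     "change": {"actions": ["update"]}},
    {"address": "aws_s3_bucket.logs",
     "type": "aws_s3_bucket",
     "change": {"actions": ["delete", "create"]}}
  ]
}
""")


def destroy_first_replacements(plan, resource_type="aws_api_gateway_rest_api"):
    """Return addresses of `resource_type` resources the plan replaces destroy-first."""
    flagged = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != resource_type:
            continue
        # Terraform reports a replacement as ["delete", "create"] by default and
        # as ["create", "delete"] when create_before_destroy is in effect.
        if rc.get("change", {}).get("actions", []) == ["delete", "create"]:
            flagged.append(rc["address"])
    return flagged


if __name__ == "__main__":
    plan = SAMPLE_PLAN
    if len(sys.argv) > 1:  # optional path to a real plan JSON file
        with open(sys.argv[1]) as fh:
            plan = json.load(fh)
    bad = destroy_first_replacements(plan)
    for addr in bad:
        print(f"{addr}: destroy-first replacement; set create_before_destroy = true")
    sys.exit(1 if bad else 0)
```

The non-zero exit status lets a CI step block the apply when a destroy-first replacement of the API is planned.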
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0285 |
| Severity | LOW |
| IaC Type | Terraform |
| Frameworks | Terraform |
| Checkov ID | CKV_AWS_237 |