AWS API Gateway Audit

Audit your API Gateway to safeguard your data

What do we do?

API Gateway integrated with WAF

AWS Web Application Firewall (WAF) should be integrated with API Gateway. This protects your APIs from common web exploits such as SQLi attacks, XSS attacks and Cross-Site Request Forgery (CSRF) attacks.

Addresses: Security

Enable Active Tracing

Ensure that active tracing is enabled for your Amazon API Gateway API stages to sample incoming requests and send traces to AWS X-Ray.

Addresses: Operational Maturity

CloudWatch Logs must be enabled

Ensure that AWS CloudWatch logs are enabled for all your APIs created with Amazon API Gateway service in order to track and analyze execution behavior at the API stage level.

Addresses: Operational Maturity

CloudWatch Metrics must be enabled

Ensure that detailed CloudWatch metrics are enabled for all APIs created with AWS API Gateway service in order to monitor API stage caching, latency and detected errors at a more granular level and set alarms accordingly.

Addresses: Operational Maturity

Use SSL Certificates

Ensure that your Amazon API Gateway APIs are using SSL certificates to verify that HTTP requests made to your backend system are from API Gateway service.

Addresses: Security

Content Encoding must be enabled

Ensure that the Content Encoding feature is enabled for your Amazon API Gateway APIs in order to facilitate API payload compression.

Addresses: Reliability

Only private endpoints can access APIs

Ensure that your Amazon API Gateway APIs are only accessible through private API endpoints and not visible to the public Internet.

Addresses: Security

Rotate Expiring SSL Client Certificates

Ensure that the client-side SSL certificates used by your Amazon API Gateway REST APIs for secure authentication at the API integration endpoint level are rotated before their expiration date.

Addresses: Security
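
The checks above can be evaluated offline against exported API Gateway configuration. The following is an added example, not Cloudanix code: it assumes input dictionaries shaped like the boto3 `apigateway` responses for `get_rest_api`, `get_stages` and `get_client_certificate`, and the check names, sample values and 30-day rotation window are assumptions made for illustration.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample data shaped like boto3 apigateway responses
# (get_rest_api, get_stages, get_client_certificate). IDs are placeholders.
SAMPLE_API = {
    "id": "example123", "minimumCompressionSize": None,
    "endpointConfiguration": {"types": ["REGIONAL"]},
}
SAMPLE_STAGE = {
    "stageName": "prod", "tracingEnabled": False,
    "webAclArn": None, "clientCertificateId": "cert01",
    "methodSettings": {"*/*": {"loggingLevel": "OFF", "metricsEnabled": True}},
}
SAMPLE_CERTS = {"cert01": {"expirationDate": datetime(2030, 1, 10, tzinfo=timezone.utc)}}


def audit_stage(api, stage, certs, now, rotate_within_days=30):
    """Return the sorted failed checks (hypothetical names) for one API stage."""
    failed = []
    settings = stage.get("methodSettings") or {}
    if not stage.get("webAclArn"):
        failed.append("waf_not_associated")
    if not stage.get("tracingEnabled"):
        failed.append("xray_tracing_disabled")
    # Logging and metrics are per-method settings; every entry must enable them.
    if not settings or any(s.get("loggingLevel", "OFF") == "OFF" for s in settings.values()):
        failed.append("cloudwatch_logs_disabled")
    if not settings or not all(s.get("metricsEnabled") for s in settings.values()):
        failed.append("detailed_metrics_disabled")
    cert_id = stage.get("clientCertificateId")
    if not cert_id:
        failed.append("no_client_certificate")
    # Assumed policy: rotate when 30 days or fewer remain before expiry.
    elif certs[cert_id]["expirationDate"] - now <= timedelta(days=rotate_within_days):
        failed.append("client_certificate_expiring")
    # The size is absent/None when content encoding is off; 0 is a valid size.
    if api.get("minimumCompressionSize") is None:
        failed.append("content_encoding_disabled")
    if api.get("endpointConfiguration", {}).get("types") != ["PRIVATE"]:
        failed.append("endpoint_not_private")
    return sorted(failed)


if __name__ == "__main__":
    now = datetime(2030, 1, 1, tzinfo=timezone.utc)  # fixed clock for the sample
    for finding in audit_stage(SAMPLE_API, SAMPLE_STAGE, SAMPLE_CERTS, now):
        print(finding)
```

An empty `methodSettings` map is treated as logging and metrics disabled, since a stage that was never configured for them returns no per-method entries.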

