Ensure AWS API Gateway enables Create before Destroy

Error: AWS API Gateway does not enable Create before Destroy

Bridgecrew Policy ID: BC_AWS_GENERAL_152
Checkov Check ID: CKV_AWS_237
Severity: LOW

Description

It is recommended to enable the create_before_destroy argument inside the resource's lifecycle configuration block, so that the replacement API Gateway is created before the existing one is destroyed. This avoids a possible outage when the API Gateway needs to be recreated during an update.

Fix - Buildtime

CloudFormation

CloudFormation creates the new API Gateway first and then deletes the old one automatically.

Terraform

resource "aws_api_gateway_rest_api" "example" {
  name = "example"

+ lifecycle {
+   create_before_destroy = true
+ }
}
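
The following is an added example, not Checkov's own implementation of CKV_AWS_237 and not part of the original policy page: a simplified text scan that reports aws_api_gateway_rest_api resources lacking create_before_destroy = true. The names find_failing and block_body and the sample Terraform are constructed for illustration, and the scan assumes braces do not appear inside strings or block comments.

```python
import re

# Constructed sample: one resource without the lifecycle setting, one with it.
SAMPLE_TF = '''
resource "aws_api_gateway_rest_api" "legacy" {
  name = "legacy"
}

resource "aws_api_gateway_rest_api" "example" {
  name = "example"

  lifecycle {
    create_before_destroy = true
  }
}
'''

RESOURCE_RE = re.compile(r'resource\s+"aws_api_gateway_rest_api"\s+"([^"]+)"\s*\{')
LIFECYCLE_RE = re.compile(r'\blifecycle\s*\{')
CBD_TRUE_RE = re.compile(r'^\s*create_before_destroy\s*=\s*true\b', re.MULTILINE)

def block_body(text, open_idx):
    """Return the text between the '{' at open_idx and its matching '}'."""
    depth = 0
    for i in range(open_idx, len(text)):
        if text[i] == "{":
            depth += 1
        elif text[i] == "}":
            depth -= 1
            if depth == 0:
                return text[open_idx + 1:i]
    raise ValueError("unbalanced braces")

def find_failing(tf_source):
    """Names of aws_api_gateway_rest_api resources lacking create_before_destroy = true."""
    # Drop whole-line comments so a commented-out lifecycle block does not count.
    src = re.sub(r'^\s*(#|//).*$', '', tf_source, flags=re.MULTILINE)
    failing = []
    for m in RESOURCE_RE.finditer(src):
        body = block_body(src, m.end() - 1)
        lc = LIFECYCLE_RE.search(body)
        # Pass only when a lifecycle block exists and sets the argument to true.
        if not (lc and CBD_TRUE_RE.search(block_body(body, lc.end() - 1))):
            failing.append(m.group(1))
    return failing

if __name__ == "__main__":
    for name in find_failing(SAMPLE_TF):
        print(f"FAILED CKV_AWS_237: aws_api_gateway_rest_api.{name}")
```
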