Ensure AWS AppSync API Cache is encrypted in transit
Error: AWS Appsync API Cache is not encrypted in transit
Bridgecrew Policy ID: BC_AWS_GENERAL_140
Checkov Check ID: CKV_AWS_215
Severity: LOW
AWS AppSync API Cache is not encrypted in transit
Description
This policy identifies AWS AppSync API caches that are configured with in-transit data encryption disabled. It is recommended that these resources be configured with in-transit data encryption to minimize the risk of sensitive data being leaked.
Fix - Runtime
Fix - Buildtime
Terraform
resource "aws_appsync_api_cache" "pass" {
  api_id                     = aws_appsync_graphql_api.default.id
  # The attribute this policy checks: must be true to pass CKV_AWS_215.
  transit_encryption_enabled = true
  at_rest_encryption_enabled = true
  ttl                        = 60
  type                       = "SMALL"
  api_caching_behavior       = "FULL_REQUEST_CACHING"
}