API Gateway routes should specify an authorization type

이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Description

This control verifies whether Amazon API Gateway routes are configured with an authorization mechanism. The control fails if an API Gateway route lacks any form of authorization.

API Gateway offers several methods for managing and restricting access to your APIs. By setting an authorization type, you can ensure that only authorized users or systems can access your API.

Remediation

To learn how to configure authorization for HTTP APIs, review the Controlling and managing access to an HTTP API in API Gateway section in the API Gateway Developer Guide. To configure authorization for WebSocket APIs, review the Controlling and managing access to a WebSocket API in API Gateway section in the API Gateway Developer Guide.