This rule checks that encryption at rest is enabled for API Gateway stage caches.
| Rule | API Gateway stage cache encryption at rest should be enabled |
| Framework | NIST 800-53 Revision 5 |
| Severity | ✔ Medium |
API Gateway Stage Cache Encryption at Rest - Rule Description
This rule requires enabling encryption at rest for the cache feature in API Gateway stages, in accordance with the NIST 800-53 Revision 5 security guidelines.
Rule Details
An API Gateway stage cache stores API responses so that repeated requests can be served without calling the backend, which improves performance and reduces backend load. Cached responses can contain sensitive data, and storing them without encryption increases the security risk.
To comply with the NIST 800-53 Revision 5 security guidelines, API Gateway stage cache encryption at rest must be enabled. This ensures that any cached data, including potentially sensitive information, is protected from unauthorized access.
Troubleshooting Steps
There are no specific troubleshooting steps associated with this rule. However, in case of any issues related to enabling encryption at rest for the API Gateway stage cache, the following steps may help:
Necessary Code
There is no specific code provided for this rule, as stage cache encryption at rest can typically be enabled through the API Gateway management console or with command-line interface (CLI) commands.
Step-by-Step Guide for Remediation
Follow these step-by-step instructions to enable API Gateway stage cache encryption at rest:
Note: If you prefer using CLI commands, you can use the AWS CLI with appropriate permissions to modify the stage caching settings. The specific command syntax may vary based on your operating system, AWS CLI configuration, and the API Gateway stage you are targeting.
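One way to check stages against this rule and produce the matching CLI fix, as an added example that is not part of the original rule page. It assumes the JSON shape returned by `aws apigateway get-stages`; the sample data, the function names and the `<REST_API_ID>` placeholder are constructed for illustration.

```python
import json
import shlex

# Constructed sample, shaped like `aws apigateway get-stages` output.
SAMPLE_STAGES = json.loads("""
{"item": [
  {"stageName": "prod", "cacheClusterEnabled": true,
   "methodSettings": {"*/*": {"cachingEnabled": true, "cacheDataEncrypted": false}}},
  {"stageName": "staging", "cacheClusterEnabled": true,
   "methodSettings": {"*/*": {"cachingEnabled": true, "cacheDataEncrypted": true}}},
  {"stageName": "dev", "cacheClusterEnabled": false, "methodSettings": {}}
]}
""")


def unencrypted_cache_settings(stages_doc):
    """Return (stage, method_key) pairs that cache responses without encryption."""
    findings = []
    for stage in stages_doc.get("item", []):
        for key, settings in stage.get("methodSettings", {}).items():
            # Non-compliant: caching is on but the cached data is not encrypted.
            if settings.get("cachingEnabled") and not settings.get("cacheDataEncrypted"):
                findings.append((stage["stageName"], key))
    return findings


def remediation_command(rest_api_id, stage_name, method_key):
    """Build the `aws apigateway update-stage` call that turns encryption on.

    Assumption: the method settings key (for example "*/*") is used as-is
    in the patch path; only the stage-wide "*/*" key is exercised here.
    """
    patch = f"op=replace,path=/{method_key}/caching/dataEncrypted,value=true"
    args = ["aws", "apigateway", "update-stage",
            "--rest-api-id", rest_api_id,
            "--stage-name", stage_name,
            "--patch-operations", patch]
    # Quote each argument so the "*" in the path is not expanded by the shell.
    return " ".join(shlex.quote(a) for a in args)


if __name__ == "__main__":
    for stage_name, key in unencrypted_cache_settings(SAMPLE_STAGES):
        print(f"NON-COMPLIANT stage={stage_name} settings={key}")
        print("  fix:", remediation_command("<REST_API_ID>", stage_name, key))
```

To run it against a real API, replace the sample with the parsed output of `aws apigateway get-stages --rest-api-id <REST_API_ID>`.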