Dedicated API Gateways Have an Authorization Type Set
Rule Details
|
Parameter |
Description |
|---|---|
|
Rule Name |
apig-instances-authorization-type-configured |
|
Identifier |
Dedicated API Gateways Have an Authorization Type Set |
|
Description |
If no authentication is set for a dedicated API gateway, this API gateway is non-compliant. |
|
Tag |
apig |
|
Trigger Type |
Configuration change |
|
Filter Type |
apig.instances |
|
Rule Parameters |
None |
Application Scenarios
When creating an API, you need to ask for identity authentication, for example, with IAM or an authentication app provided by the API Gateway, to prevent malicious API calls. For details, see How Do I Ensure API Calling Security?
Solution
Set an authentication mode for API calls, for example, with an authentication app or Huawei Cloud IAM. You can also create custom authorizer. For details, see Creating a Custom Authorizer.
Rule Logic
- If no authentication is set for a dedicated API gateway, this API gateway is non-compliant.
- If an authentication method is set for a dedicated API gateway, this API gateway is compliant.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
