Login

Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

Rule: API Gateway Stage Should Use SSL Certificate

This rule ensures that the API Gateway stage utilizes SSL certification for secure data transmission.

RuleAPI Gateway stage should uses SSL certificate
FrameworkRBI Cyber Security Framework
Severity
Medium

Rule Description

The rule states that the API Gateway stage should use an SSL certificate to comply with the RBI Cyber Security Framework. This ensures that the communication between the client and the API Gateway is secure and that the data exchanged is encrypted. Compliance with this rule helps in maintaining the security and integrity of data transmitted through the API Gateway.

Troubleshooting Steps

  2. 1.
    Check if the API Gateway stage is configured to use SSL certificates.
  4. 2.
    Verify that the SSL certificate is valid and not expired.
  6. 3.
    Ensure that the SSL certificate is issued by a trusted certificate authority.
  8. 4.
    Check if the SSL certificate is correctly configured in the API Gateway stage settings.
  10. 5.
    Verify if the SSL certificate is correctly bound to the custom domain name associated with the API Gateway stage.

Necessary Code

No specific code is required for this rule. However, you may need to use AWS CLI commands to configure SSL certificates for the API Gateway stage.

Step-by-Step Guide for Remediation

  2. 1.
    Identify the API Gateway stage that needs to use an SSL certificate.
  4. 2.
    Log in to the AWS Management Console.
  6. 3.
    Go to the API Gateway service.
  8. 4.
    Select the relevant API Gateway.
  10. 5.
    Click on the "Stages" tab.
  12. 6.
    Choose the appropriate stage from the list.
  14. 7.
    Click on the "Settings" tab.
  16. 8.
    Under the "Custom domain names" section, ensure that a custom domain name is configured for the stage.
  18. 9.
    If a custom domain name is not configured, follow the guide on setting up a custom domain name for the API Gateway.
  20. 10.
    Once the custom domain name is configured, click on the "Edit" button next to the custom domain name.
  22. 11.
    In the "Security" section, select the appropriate SSL certificate from the available options.
  24. 12.
    If the SSL certificate is not listed, make sure it is uploaded to the AWS Certificate Manager (ACM) or AWS Identity and Access Management (IAM) where applicable.
  26. 13.
    Save the changes.
  28. 14.
    Test the API Gateway stage to ensure that it is now using the SSL certificate.

Note: The above steps are for guidance purposes and may vary slightly depending on the specific API Gateway configuration and AWS console design.

By following these steps, the API Gateway stage will be configured to use an SSL certificate, ensuring compliance with the RBI Cyber Security Framework.

Is your System Free of Underlying Vulnerabilities?
Find Out Now