Api Gateway V2: Use Authorized Routes
Amazon API Gateway V2 is an AWS service for creating, publishing, maintaining, monitoring, and securing HTTP and WebSocket APIs at any scale.
Suggested Actions
Secure your API Routes that should not be publicly accessible by adding an authorizer to them. The AWS Documentation shows how set up the different types of authorizers.
You can disable this rule for an API Gateway with public routes in the sls-mentor.json
configuration file:
{
"rules": {
"useAuthorizedRoutes": {
"ignoredResources": ["<API_GATEWAY_ID>"]
}
}
}