Control: API Gateway stage should uses SSL certificate
Description
Ensure if a REST API stage uses a Secure Sockets Layer (SSL) certificate. This rule is complaint if the REST API stage does not have an associated SSL certificate.
Usage
Run the control in your terminal:
powerpipe control run terraform_aws_compliance.control.apigateway_rest_api_stage_use_ssl_certificate
Snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run terraform_aws_compliance.control.apigateway_rest_api_stage_use_ssl_certificate --share
SQL
This control uses a named query:
select address as resource, case when (attributes_std -> 'client_certificate_id') is null then 'alarm' else 'ok' end status, split_part(address, '.', 2) || case when (attributes_std -> 'client_certificate_id') is null then ' does not use SSL certificate' else ' uses SSL certificate' end || '.' reason , path || ':' || start_linefrom terraform_resourcewhere type = 'aws_api_gateway_stage';