AWS Foundational Security Best Practice
ACM.1
Imported and ACM-issued certificates should be renewed after a specified time period
APIGateway.2
API Gateway REST API stages should be configured to use SSL certificates for backend authentication
APIGateway.4
API Gateway should be associated with a WAF Web ACL
APIGateway.8
API Gateway routes should specify an authorization type
Account.1
Security contact information should be provided for an AWS account.
AutoScaling.2
Amazon EC2 Auto Scaling group should cover multiple Availability Zones
APIGateway.1
API Gateway REST and WebSocket API execution logging should be enabled
APIGateway.3
API Gateway REST API stages should have AWS X-Ray tracing enabled
APIGateway.5
API Gateway REST API cache data should be encrypted at rest
APIGateway.9
This control checks if Amazon API Gateway V2 stages have access logging configured. This control fails if access log settings aren’t defined.
AutoScaling.1
Auto scaling groups associated with a Classic Load Balancer should use load balancer health checks
AutoScaling.3
Auto Scaling group launch configurations should configure EC2 instances to require Instance Metadata Service Version 2 (IMDSv2)