Data protection

API Gateway REST API with stages that have cache data enabled but cache is not encrypted

Risk Level

Informational (4)

Platform(s)

Description

API Gateway is a service for creating and managing REST, HTTP, and WebSocket APIs. A REST API in API Gateway is a collection of resources and methods that are integrated with backend HTTP endpoints, Lambda functions, or other AWS services. It was detected that the REST API {AwsApiGatewayEndpoint} has stages: {AwsApiGatewayEndpoint.Stages} with cache data enabled, but cache is not encrypted. This vulnerability increases the risk of data stored on disk being accessed by unauthorized user.