github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/apigateway/AVD-AWS-0004/Terraform.md (about) 1 2 Use and authorization method or require API Key 3 4 ```hcl 5 resource "aws_api_gateway_rest_api" "MyDemoAPI" { 6 7 } 8 9 resource "aws_api_gateway_resource" "MyDemoResource" { 10 rest_api_id = aws_api_gateway_rest_api.MyDemoAPI.id 11 } 12 13 resource "aws_api_gateway_method" "good_example" { 14 rest_api_id = aws_api_gateway_rest_api.MyDemoAPI.id 15 resource_id = aws_api_gateway_resource.MyDemoResource.id 16 http_method = "GET" 17 authorization = "AWS_IAM" 18 } 19 20 ``` 21 ```hcl 22 resource "aws_api_gateway_rest_api" "MyDemoAPI" { 23 24 } 25 26 resource "aws_api_gateway_resource" "MyDemoResource" { 27 rest_api_id = aws_api_gateway_rest_api.MyDemoAPI.id 28 } 29 30 resource "aws_api_gateway_method" "good_example" { 31 rest_api_id = aws_api_gateway_rest_api.MyDemoAPI.id 32 resource_id = aws_api_gateway_resource.MyDemoResource.id 33 http_method = "GET" 34 authorization = "NONE" 35 api_key_required = true 36 } 37 38 ``` 39 ```hcl 40 resource "aws_api_gateway_rest_api" "MyDemoAPI" { 41 42 } 43 44 resource "aws_api_gateway_resource" "MyDemoResource" { 45 rest_api_id = aws_api_gateway_rest_api.MyDemoAPI.id 46 } 47 48 resource "aws_api_gateway_method" "good_example" { 49 rest_api_id = aws_api_gateway_rest_api.MyDemoAPI.id 50 resource_id = aws_api_gateway_resource.MyDemoResource.id 51 http_method = "OPTION" 52 authorization = "NONE" 53 } 54 55 ``` 56 57 #### Remediation Links 58 - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_method#authorization 59