Feature request: check API Gateway TLS termination policy
rdegraaf opened this issue
Rennie deGraaf commented
Is your feature request related to a problem? Please describe.
AWS API Gateway Default Endpoints can be configured to use TLS 1.0 or newer, or to use TLS 1.2 or newer; see https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-custom-domain-tls-version.html for details. More TLS termination policies may be added in the future. Unless support for obsolete clients is specifically required, most applications should require TLS 1.2 or newer.
Describe the solution you'd like
ScoutSuite should check that all API Gateway Custom Domains are configured to use the "TLS-1-2" security policy.
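
A sketch of the requested check, added here as an example; it is not part of the original issue and is not ScoutSuite code. It assumes the domain items have already been fetched with `get_domain_names` and that the key names follow the boto3 `apigateway` and `apigatewayv2` response shapes, where the policy is spelled `TLS_1_2`; the function names and sample data are hypothetical.

```python
# Added example, not ScoutSuite code. Works on already-fetched GetDomainNames
# items, so it runs offline; key names follow the boto3 response shapes.
REQUIRED = "TLS_1_2"    # API spelling of the policy the issue asks for
OBSOLETE = {"TLS_1_0"}  # policy that still accepts TLS 1.0 clients

def domain_policies(item):
    """Return (domain name, [security policies]) for a v1 or v2 item."""
    if "DomainNameConfigurations" in item:      # apigatewayv2 shape
        name = item.get("DomainName")
        found = [c.get("SecurityPolicy")
                 for c in item["DomainNameConfigurations"]]
    else:                                       # apigateway (REST) shape
        name = item.get("domainName")
        found = [item.get("securityPolicy")]
    return name, found or [None]

def classify(policy):
    if policy == REQUIRED:
        return "pass"
    if policy in OBSOLETE:
        return "fail"
    # Missing field, or a policy added after this check was written:
    # surface it for a human instead of silently passing or failing.
    return "review"

def check_domains(items):
    """Map each domain name to its worst result across all configurations."""
    rank = {"pass": 0, "review": 1, "fail": 2}
    results = {}
    for item in items:
        name, found = domain_policies(item)
        results[name] = max((classify(p) for p in found), key=rank.get)
    return results

# Constructed sample data (not from a real account).
SAMPLE = [
    {"domainName": "api.example.com", "securityPolicy": "TLS_1_2"},
    {"domainName": "legacy.example.com", "securityPolicy": "TLS_1_0"},
    {"DomainName": "ws.example.com",
     "DomainNameConfigurations": [{"SecurityPolicy": "TLS_1_2"},
                                  {"SecurityPolicy": "TLS_1_0"}]},
    {"domainName": "new.example.com", "securityPolicy": "FUTURE_POLICY"},
]

if __name__ == "__main__":
    for name, result in check_domains(SAMPLE).items():
        print(f"{result:6} {name}")
```

Unrecognised policy values are reported as `review` rather than `pass`, so a termination policy introduced later does not go unnoticed.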