Home > AWS > API Gateway (REST APIs) > API Gateway does not enforce latest TLS/SSL policy
low severity

API Gateway does not enforce latest TLS/SSL policy (SNYK-CC-TF-63)

Issue

The API gateway will accept older TLS cipher suits

Impact

Older cipher suites could be vulnerable to hijacking and information disclosure

Resolve

CloudFormation
Set `Properties.SecurityPolicy` attribute to `TLS_1_2`
Terraform
Set `security_policy` attribute to `TLS_1_2`