Ensure that content encoding is enabled for API Gateway Rest API

MEDIUM

Description

Content encoding is disabled for API Gateway Rest API. This may cause the API Gateway Rest APIs to extra bandwidth; leading to network saturation.

Remediation

In AWS Console -

  1. Go to the API Gateway console.
  2. Select the API.
  3. Select the Stages.
  4. In the Stages list for the API, choose the stage.
  5. Choose the Settings tab.
  6. Go to Cache settings API cache.
  7. Check the Content Encoding enabled configuration setting.

In Terraform -

  1. In the aws_api_gateway_rest_api resource, configure the minimum_compression_size field accordingly.

References:
https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-gzip-compression-decompression.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_rest_api#minimum_compression_size

Policy Details

Rule Reference ID: AC_AWS_0010
CSP: AWS
Remediation Available: Yes
Resource Category: Virtual Network
Resource Type: API Gateway