lerra / list-all-none-authorized-and-no-apikey-apigw.sh
Last active May 17, 2021 19:37
List all your API Gateway resources in AWS that have no authorization enabled (= public access) and no API key, using the AWS CLI
# This is an ugly but working bash one-liner to quickly list all resources in API Gateway with no authorizer set, which means public internet access to that API.
# It is a good way to get an indication of whether you or your developers are doing the right thing when deploying services: internal services should be using keys or, better, aws_iam protection. This does not check whether your API gateway is deployed in a private VPC, but that should be easy to fix if you need it.
#
# You need aws cli v2 as v1 will only give you ~25% of all api gateways.
# Tested on Ubuntu 20.04 with aws cli version aws-cli/1.18.48 Python/3.8.5 Linux/5.8.0-50-generic botocore/1.15.48 and
# on Mac with aws cli version aws-cli/2.2.5 Python/3.8.8 Darwin/20.3.0 exe/x86_64 prompt/off
#
# Grab lunch when you execute this. In my case, it took 21 mins on a setup with 113 API gateways and 117 resources with aws-cli v1 on a fast connection.
#
# Expected result from the command below is a new line for each publicly accessible resource with an apigw id, resource id