List all your API Gateway resources in AWS that have no authorization enabled (= public access) and no API key, using the aws cli
# This is an ugly but working bash one-liner to quickly list all resources in API Gateway with no authorizer set, which means public internet access to that API.
# It is a good way to get an indication of whether you or your developers are doing the right thing when deploying services: internal services should be using keys or, better, aws_iam protection. This does not check whether your API gateway is deployed in a private VPC, but that should be easy to add if you need it.
#
# You need aws cli v2 as v1 will only give you ~25% of all api gateways.
# Tested on Ubuntu 20.04 with aws cli version aws-cli/1.18.48 Python/3.8.5 Linux/5.8.0-50-generic botocore/1.15.48 and
# on macOS with aws cli version aws-cli/2.2.5 Python/3.8.8 Darwin/20.3.0 exe/x86_64 prompt/off
#
# Grab lunch when you execute this. In my case, it took 21 mins with a setup of 113 API gateways and 117 resources, with aws-cli v1 on a fast connection.
#
# Expected result from the command below is a new line for each publicly accessible resource, with an apigw id, resource id
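
The same audit as an added example in Python (not the gist's own one-liner): it reads the JSON that `aws apigateway get-resources --embed methods` returns and reports every method with `authorizationType` `NONE` and no API key required. The function names, the `skip_options` switch and the sample data are assumptions made for this illustration, and it covers REST APIs only.

```python
import json
import subprocess

# Constructed sample, shaped like the output of
# `aws apigateway get-resources --rest-api-id <id> --embed methods`.
SAMPLE = json.loads("""
{"items": [
  {"id": "res001", "path": "/"},
  {"id": "res002", "path": "/orders", "resourceMethods": {
    "GET":     {"httpMethod": "GET", "authorizationType": "NONE", "apiKeyRequired": false},
    "POST":    {"httpMethod": "POST", "authorizationType": "AWS_IAM", "apiKeyRequired": false},
    "OPTIONS": {"httpMethod": "OPTIONS", "authorizationType": "NONE", "apiKeyRequired": false}}},
  {"id": "res003", "path": "/reports", "resourceMethods": {
    "GET": {"httpMethod": "GET", "authorizationType": "NONE", "apiKeyRequired": true}}}
]}
""")

def public_methods(api_id, resources, skip_options=True):
    """Return (api_id, resource_id, path, verb) for each method with no
    authorizer and no API key requirement."""
    findings = []
    for res in resources.get("items", []):
        # A resource without methods has no resourceMethods key at all.
        for verb, method in sorted((res.get("resourceMethods") or {}).items()):
            if skip_options and verb == "OPTIONS":
                continue  # CORS preflight is normally left unauthenticated
            # Only an explicit NONE counts; without --embed the method
            # objects are empty and must not be reported as public.
            if method.get("authorizationType") == "NONE" and not method.get("apiKeyRequired"):
                findings.append((api_id, res["id"], res.get("path", ""), verb))
    return findings

def aws_json(*args):
    """Run an aws cli command and parse its JSON output."""
    out = subprocess.run(["aws", *args, "--output", "json"],
                         check=True, capture_output=True, text=True).stdout
    return json.loads(out)

def audit_account():
    """Check every REST API visible to the current credentials and region."""
    findings = []
    for api in aws_json("apigateway", "get-rest-apis").get("items", []):
        resources = aws_json("apigateway", "get-resources",
                             "--rest-api-id", api["id"], "--embed", "methods")
        findings.extend(public_methods(api["id"], resources))
    return findings

if __name__ == "__main__":
    # Offline run on the constructed sample; call audit_account() for a live account.
    for row in public_methods("abc123", SAMPLE):
        print(*row)
```
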