appsync-authorization-check
Checks if an Amazon AppSync API is using allowed authorization mechanisms. The rule is NON_COMPLIANT if an unapproved authorization mechanism is being used.
Identifier: APPSYNC_AUTHORIZATION_CHECK
Resource Types: AWS::AppSync::GraphQLApi
Trigger type: Configuration changes
Amazon Web Services Region: All supported Amazon regions
Parameters:
- AllowedAuthorizationTypes
- Type: CSV
-
Comma-separated list of allowed Amazon AppSync authorization mechanisms. Allowed values are: 'API_KEY', 'Amazon_LAMBDA', 'Amazon_IAM', 'OPENID_CONNECT', 'AMAZON_COGNITO_USER_POOLS'.
Amazon CloudFormation template
To create Amazon Config managed rules with Amazon CloudFormation templates, see Creating Amazon Config Managed Rules With Amazon CloudFormation Templates.