π§ AWS API Gateway API Route Authorization Type is not configured - prod.logic.yamlπ’
- Contextual name: π§ prod.logic.yamlπ’
- ID:
/ce/ca/aws/apigateway/api-route-authorization-type/prod.logic.yaml - Tags:
- π’ Logic test success
- π’ Logic with extracts
- π’ Logic with test data
Usesβ
- π AWS API Gateway API
- π AWS API Gateway API - object.extracts.yaml
- π AWS API Gateway Route - object.extracts.yaml
- π§ͺ test-data.json
Test Results π’β
Generated at: 2026-02-07T12:01:59.729857620Z Open
| Result | Id | Condition Index | Condition Text | Runtime Error |
|---|---|---|---|---|
| π’ | test1 | βοΈ 99 | βοΈ isDisappeared(CA10__disappearanceTime__c) | βοΈ null |
| π’ | test2 | βοΈ 199 | βοΈ not(setOfText(['httpApi']).contains(RecordType.DeveloperName)) | βοΈ null |
| π’ | test3 | βοΈ 399 | βοΈ extract('CA10__protocolType__c') == 'HTTP' && CA10A1__AWS_API_Gateway_Routes__r.has(INCOMPLIANT) | βοΈ null |
| π’ | test4 | βοΈ 299 | βοΈ extract('CA10__protocolType__c') == 'WEBSOCKET' && CA10A1__AWS_API_Gateway_Routes__r.has(INCOMPLIANT) | βοΈ null |
| π’ | test5 | βοΈ 400 | βοΈ otherwise | βοΈ null |
| π’ | test6 | βοΈ 400 | βοΈ otherwise | βοΈ null |
| π’ | test7 | βοΈ 400 | βοΈ otherwise | βοΈ null |
Generation Bundleβ
| File | MD5 | |
|---|---|---|
| Open | /ce/ca/aws/apigateway/api-route-authorization-type/policy.yaml | 734DDBB07D28E2B379E86EFB6208BCD0 |
| Open | /ce/ca/aws/apigateway/api-route-authorization-type/prod.logic.yaml | 6814C4509688D2705E7B0A35EE9795A0 |
| Open | /ce/ca/aws/apigateway/api-route-authorization-type/test-data.json | 8CC03B321232263D24F91E025DA92884 |
| Open | /types/CA10__CaAwsApiGatewayRestApi__c/object.extracts.yaml | 746F09341E8149BAD88C53E274DB1DD5 |
| Open | /types/CA10A1__CaAwsApiGatewayRoute__c/object.extracts.yaml | 341AE92FA4ED622FA3D827EAEFA95B7F |
Available Commandsβ
repo-manager policies generate FULL /ce/ca/aws/apigateway/api-route-authorization-type/prod.logic.yaml
repo-manager policies generate DEBUG /ce/ca/aws/apigateway/api-route-authorization-type/prod.logic.yaml
repo-manager policies generate CAPTURE_TEST_DATA /ce/ca/aws/apigateway/api-route-authorization-type/prod.logic.yaml
repo-manager policies generate TESTS /ce/ca/aws/apigateway/api-route-authorization-type/prod.logic.yaml
# Execute tests
repo-manager policies test /ce/ca/aws/apigateway/api-route-authorization-type/prod.logic.yaml
Contentβ
---
inputType: "CA10__CaAwsApiGatewayRestApi__c"
recordTypes:
- httpApi
importExtracts:
- file: "/types/CA10__CaAwsApiGatewayRestApi__c/object.extracts.yaml"
- file: "/types/CA10A1__CaAwsApiGatewayRoute__c/object.extracts.yaml"
testData:
- file: "test-data.json"
conditions:
- status: "INCOMPLIANT"
currentStateMessage: "The WebSocket API has at least one API Route with\
\ no Authorization Type configured."
remediationMessage: "Consider configuring an authorization type for the\
\ API Route in the API Gateway."
check:
AND:
args:
- IS_EQUAL:
left:
EXTRACT: "CA10__protocolType__c"
right:
TEXT: "WEBSOCKET"
- RELATED_LIST_HAS:
status: "INCOMPLIANT"
relationshipName: "CA10A1__AWS_API_Gateway_Routes__r"
- status: "INCOMPLIANT"
currentStateMessage: "The HTTP API has at least one API Route with\
\ no Authorization Type configured."
remediationMessage: "Consider configuring an authorization type for the\
\ API Route in the API Gateway."
check:
AND:
args:
- IS_EQUAL:
left:
EXTRACT: "CA10__protocolType__c"
right:
TEXT: "HTTP"
- RELATED_LIST_HAS:
status: "INCOMPLIANT"
relationshipName: "CA10A1__AWS_API_Gateway_Routes__r"
otherwise:
status: "COMPLIANT"
currentStateMessage: "The API doesn't have Routes without an Authorization Type."
relatedLists:
- relationshipName: "CA10A1__AWS_API_Gateway_Routes__r"
conditions:
- status: "INCOMPLIANT"
currentStateMessage: "API Gateway Route Authorization Type is not configured."
remediationMessage: "Configure Authorization Type for the API Gateway Route."
check:
IS_EQUAL:
left:
EXTRACT: "CA10A1__authorizationType__c"
right:
TEXT: "NONE"
otherwise:
status: "COMPLIANT"
currentStateMessage: "API Gateway Route Authorization Type is configured."