appsync-authorization-check
Checks if an AWS AppSync API is using allowed authorization mechanisms. The rule is NON_COMPLIANT if an unapproved authorization mechanism is being used.
Identifier: APPSYNC_AUTHORIZATION_CHECK
Resource Types: AWS::AppSync::GraphQLApi
Trigger type: Configuration changes
AWS Region: All supported AWS regions
Parameters:
- AllowedAuthorizationTypes
- Type: CSV
-
Comma-separated list of allowed AWS AppSync authorization mechanisms. Allowed values are: 'API_KEY', 'AWS_LAMBDA', 'AWS_IAM', 'OPENID_CONNECT', 'AMAZON_COGNITO_USER_POOLS'.
AWS CloudFormation template
To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.