AWS Security ChangesHomeSearch

AWS config documentation change

Service: config · 2026-01-25 · Documentation medium

File: config/latest/developerguide/api-gw-ssl-enabled.md

Summary

Clarified rule applicability for SSL certificate checks in API Gateway stages

Security assessment

Improves documentation of security feature (SSL enforcement) by clarifying rule evaluation logic and scope. No evidence of fixing a specific security vulnerability.

Diff

diff --git a/config/latest/developerguide/api-gw-ssl-enabled.md b/config/latest/developerguide/api-gw-ssl-enabled.md
index a0a20319a..19100f8a9 100644
--- a//config/latest/developerguide/api-gw-ssl-enabled.md
+++ b//config/latest/developerguide/api-gw-ssl-enabled.md
@@ -13 +13 @@ Checks if a REST API stage uses an SSL certificate. The rule is NON_COMPLIANT if
-This rule returns `NOT_APPLICABLE` if the [GetIntegration](https://docs.aws.amazon.com/apigateway/latest/api/API_GetIntegration.html) API returns `AWS` as [type](https://docs.aws.amazon.com/apigateway/latest/api/API_GetIntegration.html#apigw-GetIntegration-response-type).
+This rule returns `NOT_APPLICABLE` if the [GetIntegration](https://docs.aws.amazon.com/apigateway/latest/api/API_GetIntegration.html) API returns an integration type other than `HTTP` as [type](https://docs.aws.amazon.com/apigateway/latest/api/API_GetIntegration.html#apigw-GetIntegration-response-type). This rule evaluates the SSL certificate configuration in API Gateway stage settings, not the actual deployed state.