Skip to main content

FC HTTP Trigger Authentication Check

ID: rule:aliyun:fc-trigger-http-not-anonymous
Severity: high
IaC Types: ROS, Terraform

Description

FC HTTP triggers should require authentication to prevent unauthorized access.

Reason for Violation

The FC HTTP trigger allows anonymous access, which may expose the function to unauthorized invocations.

Recommendation

Configure authentication for the HTTP trigger by setting authType to a value other than anonymous in the config.

Resource Types

ROS: ALIYUN::FC::Trigger
Terraform: alicloud_fc_trigger

Description
Reason for Violation
Recommendation
Resource Types