All Products
Search
Document Center

Cloud Config:Enable HTTPS force redirect for independent domains in API groups

Last Updated:Jun 22, 2026

Checks whether HTTPS force redirect is enabled for all public independent domains in an API Gateway group. The group is compliant if all public independent domains have HTTPS force redirect enabled. If no independent domains exist in the group, the rule is not applicable.

Scenarios

Verifies that all public independent domains in an API Gateway group have HTTPS force redirect enabled, ensuring secure communication for external services.

Risk level

Default risk level: High.

You can change the risk level as needed.

Detection logic

  • Checks whether HTTPS force redirect is enabled for all public independent domains in an API Gateway group. The group is compliant if all public independent domains have HTTPS force redirect enabled. If no independent domains exist in the group, the rule is not applicable.

Rule details

Parameter

Description

Rule name

Enable HTTPS force redirect for independent domains in API groups

Rule identifier

api-gateway-group-force-https

Tag

ApiGroup

Automatic remediation

Not supported

Rule trigger mechanism

Configuration changes

Supported resource types

ACS::ApiGateway::ApiGroup

Input parameters

None