do not use security policy

Author: anthony-nhs

packages/cdkConstructs/tests/nag/ApiGatewayMutualTls.test.ts

@@ -18,8 +18,7 @@ describe("ApiGWMutualTls", () => {
   const ruleId = "ApiGWMutualTls"
   test("Non-compliant when mutual TLS is not enabled", () => {
     new CfnDomainName(stack, "TestDomain", {
-      domainName: "test.example.com",
-      securityPolicy: "SecurityPolicy_TLS13_1_3_2025_09 "
+      domainName: "test.example.com"
     })
 
     // Validate
@@ -28,7 +27,6 @@ describe("ApiGWMutualTls", () => {
   test("Compliant when mutual TLS is enabled", () => {
     new CfnDomainName(stack, "TestDomain", {
       domainName: "test.example.com",
-      securityPolicy: "SecurityPolicy_TLS13_1_3_2025_09 ",
       mutualTlsAuthentication: {
         truststoreUri: "truststoreUri",
         truststoreVersion: "truststoreVersion"
@@ -42,7 +40,6 @@ describe("ApiGWMutualTls", () => {
   test("Non-compliant when mutual TLS is missing trustStoreVersion", () => {
     new CfnDomainName(stack, "TestDomain", {
       domainName: "test.example.com",
-      securityPolicy: "SecurityPolicy_TLS13_1_3_2025_09 ",
       mutualTlsAuthentication: {
         truststoreUri: "truststoreUri"
       }
@@ -54,8 +51,7 @@ describe("ApiGWMutualTls", () => {
   test("Compliant when mutual TLS is not enabled in a pull request", () => {
     stack.node.setContext("isPullRequest", true)
     new CfnDomainName(stack, "TestDomain", {
-      domainName: "test.example.com",
-      securityPolicy: "SecurityPolicy_TLS13_1_3_2025_09 "
+      domainName: "test.example.com"
     })
 
     // Validate
@@ -64,8 +60,7 @@ describe("ApiGWMutualTls", () => {
   test("Compliant when mutual TLS is not enabled in not a pull request", () => {
     stack.node.setContext("isPullRequest", false)
     new CfnDomainName(stack, "TestDomain", {
-      domainName: "test.example.com",
-      securityPolicy: "SecurityPolicy_TLS13_1_3_2025_09 "
+      domainName: "test.example.com"
     })
 
     // Validate