Ensure that AWS CloudWatch logs are enabled for all your APIs created with Amazon API Gateway service in order to track and analyze execution behavior at the API stage level.
This rule can help you with the following compliance standards:
This rule can help you work with the AWS Well-Architected Framework
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
Once the logging is enabled, Amazon CloudWatch starts recording information about the API execution at the stage level and this information can be extremely useful for troubleshooting any issues that you might have with your APIs.
To determine if your API stages have AWS CloudWatch logs enabled, perform the following:
Remediation / Resolution
To enable AWS CloudWatch Logs for your Amazon API Gateway APIs, perform the following actions:
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
APIs CloudWatch Logs
Risk level: Medium