SAM API stages for V1 and V2 should have access logging enabled
| Property | |
|---|---|
| Language | |
| Severity | |
| Service | sam |
| Provider | AWS |
| Vulnerability Type | misconfiguration |
Description
API Gateway stages in AWS SAM are missing access logging configuration, which means requests to these APIs are not being tracked. Without the access log settings block, important details about API usage and access are not recorded.
Impact
Lack of access logging makes it difficult to detect unauthorized access, troubleshoot issues, or investigate security incidents. This can lead to undetected malicious activity, compliance violations, and reduced visibility into API operations.
Resolution
Enable logging for API Gateway stages
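
The SAM template fragment below is an added example, not part of the original rule text. It shows a V1 (REST) stage without the access log block next to V1 and V2 (HTTP) stages that have it. Resource names, the retention period and the chosen log fields are assumptions for illustration.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31

Resources:
  # Flagged: V1 (REST) stage with no AccessLogSetting block,
  # so requests to this stage are not recorded.
  UnloggedRestApi:
    Type: AWS::Serverless::Api
    Properties:
      StageName: prod

  # Destination for the access logs (hypothetical name, constructed retention).
  ApiAccessLogGroup:
    Type: AWS::Logs::LogGroup
    Properties:
      RetentionInDays: 90

  # Compliant V1 (REST) stage: the property is AccessLogSetting (singular).
  LoggedRestApi:
    Type: AWS::Serverless::Api
    Properties:
      StageName: prod
      AccessLogSetting:
        DestinationArn: !GetAtt ApiAccessLogGroup.Arn
        Format: >-
          {"requestId":"$context.requestId",
          "sourceIp":"$context.identity.sourceIp",
          "requestTime":"$context.requestTime",
          "httpMethod":"$context.httpMethod",
          "resourcePath":"$context.resourcePath",
          "status":"$context.status"}

  # Compliant V2 (HTTP) stage: the property is AccessLogSettings (plural).
  LoggedHttpApi:
    Type: AWS::Serverless::HttpApi
    Properties:
      StageName: prod
      AccessLogSettings:
        DestinationArn: !GetAtt ApiAccessLogGroup.Arn
        Format: >-
          {"requestId":"$context.requestId",
          "sourceIp":"$context.identity.sourceIp",
          "requestTime":"$context.requestTime",
          "httpMethod":"$context.httpMethod",
          "routeKey":"$context.routeKey",
          "status":"$context.status"}
```

For V1 (REST) stages, API Gateway also needs a CloudWatch Logs role configured at the account level before it can write to the log group.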