API Gateway stages for V1 and V2 should have access logging enabled
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | api-gateway |
| Provider | AWS |
| Vulnerability Type | omission |
Description#
Enabling access logging for API Gateway stages is essential for monitoring API usage, tracking errors, and detecting potential abuse or attacks. Without access logs, troubleshooting and security auditing become difficult.
Impact#
Without logging, there is no visibility into API calls, making it challenging to detect security incidents, misconfigurations, or potential abuse of the API endpoints.
Resolution#
Enable logging for API Gateway stages