SAM State machine must have logging enabled
| Property | |
|---|---|
| Language | |
| Severity | |
| Service | sam |
| Provider | AWS |
Description
The AWS SAM state machine is configured without logging enabled, preventing the capture of execution details and activity traces. This lack of logging makes it difficult to monitor or debug state machine operations.
Impact
Without logging, suspicious or unauthorized activities within the state machine may go undetected, making incident investigation and compliance auditing challenging and increasing the risk of undetected security breaches.
Resolution
Enable logging
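
The resolution above as a SAM template, showing a state machine without the `Logging` property beside one with it. This is an added example, not part of the original check documentation; the resource names, definition path, role ARN and retention period are constructed placeholders.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31

Resources:
  # Before: no Logging property, so execution events are not sent to CloudWatch Logs.
  OrderFlowUnlogged:
    Type: AWS::Serverless::StateMachine
    Properties:
      DefinitionUri: statemachine/order_flow.asl.json      # hypothetical path
      Role: arn:aws:iam::111122223333:role/order-flow-exec  # placeholder ARN

  # Destination log group for the corrected state machine (constructed name).
  OrderFlowLogs:
    Type: AWS::Logs::LogGroup
    Properties:
      LogGroupName: /aws/vendedlogs/states/order-flow
      RetentionInDays: 90

  # After: Logging configured with a level other than OFF and a destination.
  OrderFlow:
    Type: AWS::Serverless::StateMachine
    Properties:
      DefinitionUri: statemachine/order_flow.asl.json      # hypothetical path
      Logging:
        Level: ALL                   # ALL | ERROR | FATAL | OFF; OFF disables logging
        IncludeExecutionData: false  # true also logs state input/output, which may hold sensitive data
        Destinations:
          - CloudWatchLogsLogGroup:
              LogGroupArn: !GetAtt OrderFlowLogs.Arn
      Policies:
        # The execution role needs these permissions to deliver logs to CloudWatch Logs.
        - Version: '2012-10-17'
          Statement:
            - Effect: Allow
              Action:
                - logs:CreateLogDelivery
                - logs:GetLogDelivery
                - logs:UpdateLogDelivery
                - logs:DeleteLogDelivery
                - logs:ListLogDeliveries
                - logs:PutResourcePolicy
                - logs:DescribeResourcePolicies
                - logs:DescribeLogGroups
              Resource: '*'
```

If the execution role lacks the `logs:` permissions, log delivery cannot be set up even though `Logging` is present in the template.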