Back to All Checks
Medium APIGateway Regional

API Gateway REST and WebSocket API execution logging should be enabled

NISTISO 27001HIPAA

Description

This control checks whether all stages of an Amazon API Gateway REST or WebSocket API have logging enabled. The control fails if logging is not enabled for all methods of a stage or if loggingLevel is neither ERROR nor INFO.

Remediation

To enable logging for REST and WebSocket API operations, see Set up CloudWatch API logging using the API Gateway console in the API Gateway Developer Guide.

Steps

  1. Navigate to the API Gateway console.
  2. Select the API and stage you want to enable logging for.
  3. Configure the logging settings to either ERROR or INFO level.

Compliance

NISTISO 27001HIPAA
Start Your Free Security Check