API Gateway Access Logging Disabled

Query id: bf4b48b9-fc1f-4552-984a-4becdb5bf503
Query name: API Gateway Access Logging Disabled
Platform: Pulumi
Severity: Medium
Category: Observability
URL: Github

Description¶

API Gateway should have Access Log Settings defined
Documentation

Code samples¶

Code samples with security vulnerabilities¶

Postitive test num. 1 - yaml file

name: aws-eks
runtime: yaml
description: An EKS cluster
resources:
  example:
    type: aws:apigatewayv2:Stage
    properties:
      apiId: ${aws_apigatewayv2_api.example.id}

Code samples without security vulnerabilities¶

Negative test num. 1 - yaml file

name: aws-eks
runtime: yaml
description: An EKS cluster
resources:
  example:
    type: aws:apigatewayv2:Stage
    properties:
      apiId: ${aws_apigatewayv2_api.example.id}
      accessLogSettings:
        destinationArn: sampleArn
        format: CLF