API Gateway Access Logging Disabled
- Query id: 1b6799eb-4a7a-4b04-9001-8cceb9999326
- Query name: API Gateway Access Logging Disabled
- Platform: Terraform
- Severity: Medium
- Category: Observability
- URL: Github
Description¶
API Gateway should have Access Log Settings defined
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - tf file
resource "aws_api_gateway_stage" "postive1" {
stage_name = "dev"
rest_api_id = "id"
}
resource "aws_apigatewayv2_stage" "postive2" {
stage_name = "dev"
rest_api_id = "id"
}
Code samples without security vulnerabilities¶
Negative test num. 1 - tf file
resource "aws_api_gateway_stage" "negative1" {
stage_name = "dev"
rest_api_id = "id"
access_log_settings {
destination_arn = "dest"
}
}
resource "aws_apigatewayv2_stage" "negative2" {
stage_name = "dev"
rest_api_id = "id"
access_log_settings {
destination_arn = "dest"
}
}