API Gateway With CloudWatch Logging Disabled
- Query id: 72a931c2-12f5-40d1-93cc-47bff2f7aa2a
- Query name: API Gateway With CloudWatch Logging Disabled
- Platform: Ansible
- Severity: Medium
- Category: Observability
- CWE: 778
- URL: Github
Description¶
AWS CloudWatch Logs for APIs is not enabled
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - yaml file
---
- name: Setup AWS API Gateway setup on AWS cloudwatchlogs
community.aws.cloudwatchlogs_log_group:
state: present
kms_key_id: arn:aws:kms:region:account-id:key/key-id