Skip to main content

💼 [APIGateway.9] Access logging should be configured for API Gateway V2 Stages

  • Contextual name: 💼 [APIGateway.9] Access logging should be configured for API Gateway V2 Stages
  • ID: /frameworks/aws-fsbp-v1.0.0/api-gateway/09
  • Located in: 💼 API Gateway

Description

API Gateway access logs provide detailed information about who has accessed your API and how the caller accessed the API. These logs are useful for applications such as security and access audits and forensics investigation. Enable these access logs to analyze traffic patterns and to troubleshoot issues.

Similar

Similar Sections (Give Policies To)

SectionSub SectionsInternal RulesPoliciesFlags
💼 NIST SP 800-53 Revision 5 → 💼 AC-4(26) Information Flow Enforcement _ Audit Filtering Actions9
💼 NIST SP 800-53 Revision 5 → 💼 AU-2 Event Logging417
💼 NIST SP 800-53 Revision 5 → 💼 AU-3 Content of Audit Records31328
💼 NIST SP 800-53 Revision 5 → 💼 AU-6(3) Audit Record Review, Analysis, and Reporting _ Correlate Audit Record Repositories8
💼 NIST SP 800-53 Revision 5 → 💼 AU-6(4) Audit Record Review, Analysis, and Reporting _ Central Review and Analysis8
💼 NIST SP 800-53 Revision 5 → 💼 AU-10 Non-repudiation57
💼 NIST SP 800-53 Revision 5 → 💼 AU-12 Audit Record Generation44765
💼 NIST SP 800-53 Revision 5 → 💼 CA-7 Continuous Monitoring610
💼 NIST SP 800-53 Revision 5 → 💼 SC-7(9) Boundary Protection _ Restrict Threatening Outgoing Communications Traffic14
💼 NIST SP 800-53 Revision 5 → 💼 SI-7(8) Software, Firmware, and Information Integrity _ Auditing Capability for Significant Events8
💼 PCI DSS v4.0.1 → 💼 10.4.2 Logs of all other system components are reviewed periodically.15

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlags

Policies (1)

PolicyLogic CountFlags
📝 AWS API Gateway API Access Logging in CloudWatch is not enabled 🟢1🟠 x1, 🟢 x5

Internal Rules

RulePoliciesFlags
✉️ dec-x-d75f6d861