API Gateway access logging should be enabled for V2 API stages

This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Description

This control evaluates whether access logging is enabled for a specific stage of an Amazon API Gateway V2 API.

For API Gateway API stages, it’s important to have appropriate logging enabled. Logging for these stages provides comprehensive records of the requests processed by API Gateway APIs. This includes details such as backend responses from API integrations, Lambda authorizer responses, and the request ID associated with AWS integration endpoints.

Remediation

To learn how to configure access logging for API Gateway APIs, refer to the Set up CloudWatch API logging using the API Gateway console section of the API Gateway Developer Guide documentation.