API Gateway REST API cache data should be encrypted at rest
Description
This control evaluates whether execution logging is enabled for all stages of an Amazon API Gateway REST API. The control passes only if the logging level has been configured for each API method within the API stage. The logging level must be set to either ERROR
or INFO
.
For API Gateway REST API stages, it’s important to have appropriate logging enabled. Logging for these stages provides comprehensive records of the requests processed by API Gateway REST APIs. This includes details such as backend responses from API integrations, Lambda authorizer responses, and the request ID associated with AWS integration endpoints.
To learn how to configure execution logging for API Gateway REST APIs, refer to the Set up CloudWatch API logging using the API Gateway console section of the API Gateway Developer Guide documentation.