Rule: API Gateway Stage Logging Should Be Enabled

This rule focuses on enabling logging for API Gateway stages to ensure effective monitoring and security.

Rule: API Gateway stage logging should be enabled
Framework: NIST Cybersecurity Framework (CSF) v1.1
Severity: High

Rule Description

API Gateway stage logging should be enabled to comply with the NIST Cybersecurity Framework (CSF) v1. The framework provides guidelines and best practices for managing and reducing cybersecurity risk.

Troubleshooting Steps

  1. Check the API Gateway settings to verify if stage logging is enabled.
  2. Review the API Gateway logs to determine if any errors or warnings related to stage logging are present.
  3. Ensure that the NIST CSF v1 compliance requirements are fully understood.

Necessary Codes

There are no specific codes associated with this rule. However, you may need to utilize AWS CLI commands to enable or configure the logging settings for API Gateway.

Step-by-Step Guide for Remediation

Follow the steps below to enable API Gateway stage logging for NIST Cybersecurity Framework (CSF) v1:

  1. Open the AWS Management Console and navigate to the API Gateway service.
  2. Select the API you want to enable stage logging for.
  3. In the left navigation panel, click on "Stages."
  4. Choose the desired stage for which you want to enable logging.
  5. Under the "Logs/Tracing" tab, click on the section for "Enable CloudWatch Logs."
  6. Check the box to enable "CloudWatch Logs" and configure the log format as required.
  7. Ensure that the log level is sufficient to capture the necessary information for compliance with NIST CSF v1.
  8. If you want to stream logs to a different AWS account or region, provide the necessary CloudWatch Logs destination details.
  9. Click on "Save changes" to enable stage logging for the selected API Gateway stage.
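To confirm the result of the steps above across every stage of an API, the check below evaluates the JSON that `aws apigateway get-stages --rest-api-id <api-id>` returns for a REST API. It is an added example, not code from this page or from the rule's vendor. It assumes a stage passes only when execution logging is set to ERROR or INFO on the stage-wide `*/*` method setting; the sample data, function names and that pass criterion are assumptions made for illustration.

```python
import json

# Constructed sample shaped like `aws apigateway get-stages` output for a
# REST API. Stage names, the ARN and the override key are made up.
SAMPLE_GET_STAGES = json.loads("""
{
  "item": [
    {"stageName": "prod",
     "methodSettings": {"*/*": {"loggingLevel": "INFO", "dataTraceEnabled": false}},
     "accessLogSettings": {
       "destinationArn": "arn:aws:logs:us-east-1:111122223333:log-group:apigw-prod",
       "format": "$context.requestId"}},
    {"stageName": "staging",
     "methodSettings": {"*/*": {"loggingLevel": "OFF"}}},
    {"stageName": "dev"},
    {"stageName": "beta",
     "methodSettings": {"~1orders/GET": {"loggingLevel": "ERROR"}}}
  ]
}
""")

# Assumption: these execution log levels count as "logging enabled".
ENABLED_LEVELS = {"ERROR", "INFO"}


def evaluate_stage(stage):
    """Return (status, reason) for one stage entry from get-stages."""
    settings = stage.get("methodSettings") or {}
    default_level = (settings.get("*/*") or {}).get("loggingLevel", "OFF")
    if default_level in ENABLED_LEVELS:
        return "ok", f"execution logging at {default_level} for all methods"
    # Per-method overrides leave every other method of the stage unlogged.
    overrides = sorted(key for key, value in settings.items()
                       if key != "*/*"
                       and (value or {}).get("loggingLevel") in ENABLED_LEVELS)
    if overrides:
        return "alarm", "logging only on method overrides: " + ", ".join(overrides)
    return "alarm", "execution logging is off"


def audit(get_stages_output):
    """Map each stage name to its (status, reason) result."""
    return {s["stageName"]: evaluate_stage(s)
            for s in get_stages_output.get("item", [])}


if __name__ == "__main__":
    for name, (status, reason) in audit(SAMPLE_GET_STAGES).items():
        print(f"{status:5} {name}: {reason}")
```

A stage with no `methodSettings` at all, like `dev` in the sample, is reported the same way as one with logging explicitly set to OFF.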

Conclusion

Enabling API Gateway stage logging is crucial for compliance with the NIST Cybersecurity Framework (CSF) v1. Following the provided step-by-step guide, you can easily enable stage logging and meet the necessary requirements. Remember to review the logs periodically to ensure compliance and monitor any potential security risks or issues.
