Json Yaml Missing Access Log Settings
Description
Detects when AWS API Gateway stages are configured without access logging enabled in CloudFormation templates. Missing access logs prevent organizations from tracking API usage, investigating security incidents, and maintaining audit compliance.
Detection Strategy
• Identifies CloudFormation resources of type 'AWS::ApiGateway::Stage'
• Checks if the Stage resource is missing the AccessLogSetting property (the REST API stage property is spelled in the singular; AWS::ApiGatewayV2::Stage, for HTTP and WebSocket APIs, uses AccessLogSettings)
• Reports a vulnerability when an API Gateway stage does not have access logging configured
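The detection strategy above as working code, as an added example that is not part of the original page or of Fluid Attacks' tooling: it loads a CloudFormation template (JSON with the standard library, YAML if PyYAML is installed), walks the Resources section and reports every API Gateway stage whose access-log property is missing, empty, or has no DestinationArn. It goes slightly beyond the page by also covering AWS::ApiGatewayV2::Stage, whose property is spelled AccessLogSettings. The two templates at the bottom are constructed sample input; the logical IDs, API IDs and log-group name are placeholders.

```python
"""Scan CloudFormation templates for API Gateway stages without access logging.

Added example (not from the original page). JSON templates need only the
standard library; YAML templates are loaded with PyYAML when it is installed.
"""
import json

# Resource type -> name of the access-log property on that stage type.
# REST API stages use the singular AccessLogSetting; HTTP/WebSocket
# (API Gateway v2) stages use the plural AccessLogSettings.
ACCESS_LOG_PROPERTY = {
    "AWS::ApiGateway::Stage": "AccessLogSetting",
    "AWS::ApiGatewayV2::Stage": "AccessLogSettings",
}


def load_template(text):
    """Parse a JSON or YAML CloudFormation template into a dict."""
    try:
        return json.loads(text)
    except json.JSONDecodeError:
        pass
    try:
        import yaml  # PyYAML, only needed for YAML templates
    except ImportError as exc:
        raise ValueError("template is not JSON and PyYAML is not installed") from exc

    class CfnLoader(yaml.SafeLoader):
        pass

    def intrinsic(loader, suffix, node):
        # Short-form intrinsics (!Ref, !GetAtt, !Sub ...) are kept as plain
        # values: the check only needs to know whether a property is present.
        if isinstance(node, yaml.SequenceNode):
            return loader.construct_sequence(node)
        if isinstance(node, yaml.MappingNode):
            return loader.construct_mapping(node)
        return loader.construct_scalar(node)

    CfnLoader.add_multi_constructor("!", intrinsic)
    return yaml.load(text, Loader=CfnLoader)


def find_stages_without_access_logs(template):
    """Return [(logical_id, reason)] for every stage without usable access logging."""
    findings = []
    for logical_id, resource in (template.get("Resources") or {}).items():
        if not isinstance(resource, dict):
            continue
        prop_name = ACCESS_LOG_PROPERTY.get(resource.get("Type"))
        if prop_name is None:
            continue  # not an API Gateway stage
        setting = (resource.get("Properties") or {}).get(prop_name)
        if setting is None:
            findings.append((logical_id, f"{prop_name} is not configured"))
        elif not isinstance(setting, dict) or not setting.get("DestinationArn"):
            # Present but empty, or missing the log destination, so nothing
            # is actually written anywhere.
            findings.append((logical_id, f"{prop_name} has no DestinationArn"))
    return findings


# Constructed sample input: one REST stage with no AccessLogSetting at all and
# one HTTP API stage whose AccessLogSettings lacks a destination.
VULNERABLE_TEMPLATE = """{
  "Resources": {
    "ProdStage": {
      "Type": "AWS::ApiGateway::Stage",
      "Properties": {"StageName": "Prod", "RestApiId": "api123",
                     "Variables": {"Environment": "Prod"}}
    },
    "HttpStage": {
      "Type": "AWS::ApiGatewayV2::Stage",
      "Properties": {"ApiId": "httpapi456", "StageName": "$default",
                     "AccessLogSettings": {"Format": "$context.requestId"}}
    }
  }
}"""

# Constructed sample input: the same REST stage with logging sent to a log group.
SECURE_TEMPLATE = """{
  "Resources": {
    "AccessLogGroup": {"Type": "AWS::Logs::LogGroup",
                       "Properties": {"RetentionInDays": 90}},
    "ProdStage": {
      "Type": "AWS::ApiGateway::Stage",
      "Properties": {"StageName": "Prod", "RestApiId": "api123",
        "AccessLogSetting": {
          "DestinationArn": {"Fn::GetAtt": ["AccessLogGroup", "Arn"]},
          "Format": "$context.requestId $context.identity.sourceIp $context.status"}}
    }
  }
}"""


if __name__ == "__main__":
    for name, text in (("vulnerable", VULNERABLE_TEMPLATE), ("secure", SECURE_TEMPLATE)):
        findings = find_stages_without_access_logs(load_template(text))
        print(f"{name}: {findings or 'no findings'}")
```

The check deliberately reports a stage whose setting is present but has no DestinationArn: CloudFormation treats DestinationArn as required for the log setting, and a Format alone produces no log anywhere, so it should not count as "logging enabled".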
Vulnerable code example
Resources:
  ProdStage:
    Type: AWS::ApiGateway::Stage
    Properties: # Vulnerable: no AccessLogSetting, so requests to this stage leave no access log
      StageName: Prod
      RestApiId: api123
      Variables:
        Environment: Prod
✅ Secure code example
Resources:
  ProdStage:
    Type: AWS::ApiGateway::Stage
    Properties:
      StageName: Prod
      RestApiId: api123
      # Added access logging for security audit trail
      AccessLogSetting:
        # DestinationArn is required: a CloudWatch Logs log group ARN (placeholder account and name below)
        DestinationArn: arn:aws:logs:us-east-1:123456789012:log-group:api-gateway-access-logs
        # Format is built from $context variables; a JSON layout keeps the logs easy to query later
        Format: '{"requestId":"$context.requestId","ip":"$context.identity.sourceIp","method":"$context.httpMethod","path":"$context.path","status":"$context.status"}'