Ensure API Gateway stage have logging level defined appropriately
Error: API Gateway stage does not have logging level defined appropriately
Bridgecrew Policy ID: BC_AWS_LOGGING_29
Checkov Check ID: CKV2_AWS_4
Severity: LOW
API Gateway stage does not have logging level defined appropriately
Description
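API Gateway execution logging writes a record of the errors (and, at the INFO level, of every request) handled by a stage to CloudWatch Logs. The passing example below attaches an aws_api_gateway_method_settings resource to the stage and sets settings.logging_level on it. A stage with no logging level defined leaves no execution log trail for troubleshooting failed requests or for investigating suspicious activity against the API.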
Fix - Buildtime
Terraform
- Resources: aws_api_gateway_rest_api, aws_api_gateway_deployment, aws_api_gateway_method_settings
# REST API defined inline from an OpenAPI 3.0.1 document.
# It exposes a single GET /path1 route that proxies to a public HTTPS endpoint.
resource "aws_api_gateway_rest_api" "ok_example" {
  name = "ok_example"

  body = jsonencode({
    openapi = "3.0.1"

    info = {
      title   = "ok_example"
      version = "1.0"
    }

    paths = {
      "/path1" = {
        get = {
          # HTTP_PROXY passes the request through to the backend URI below.
          x-amazon-apigateway-integration = {
            httpMethod           = "GET"
            payloadFormatVersion = "1.0"
            type                 = "HTTP_PROXY"
            uri                  = "https://ip-ranges.amazonaws.com/ip-ranges.json"
          }
        }
      }
    }
  })
}
# Deployment (snapshot) of the REST API that the stage below points at.
resource "aws_api_gateway_deployment" "ok_example" {
  rest_api_id = aws_api_gateway_rest_api.ok_example.id

  # Force a new deployment whenever the hash of the API body changes.
  triggers = {
    redeployment = sha1(jsonencode(aws_api_gateway_rest_api.ok_example.body))
  }

  # Build the replacement deployment before the old one is destroyed.
  lifecycle {
    create_before_destroy = true
  }
}
# The stage this policy is about. Its logging level is not set here but in the
# aws_api_gateway_method_settings resource that references this stage_name.
# NOTE(review): no access_log_settings block is configured on this stage;
# access logging is separate from the execution logging level.
resource "aws_api_gateway_stage" "ok_example" {
  stage_name    = "ok_example"
  rest_api_id   = aws_api_gateway_rest_api.ok_example.id
  deployment_id = aws_api_gateway_deployment.ok_example.id
}
# Method settings bound to the stage above; this is where the logging level
# that the policy looks for is defined.
resource "aws_api_gateway_method_settings" "all" {
  rest_api_id = aws_api_gateway_rest_api.ok_example.id
  stage_name  = aws_api_gateway_stage.ok_example.stage_name

  # "*/*" applies the settings to every resource path and HTTP method in the stage.
  method_path = "*/*"

  settings {
    # Execution logging level. API Gateway accepts OFF, ERROR and INFO;
    # ERROR records only failed requests, INFO records every request.
    logging_level   = "ERROR"
    metrics_enabled = true
  }

  # NOTE(review): execution logs are delivered to CloudWatch Logs, which needs an
  # account-level role (aws_api_gateway_account.cloudwatch_role_arn). That
  # resource is not part of this example - confirm it exists in the target
  # account and region, otherwise setting logging_level will not produce logs.
  # NOTE(review): if data_trace_enabled is ever added here, remember it writes
  # full request/response payloads to the logs and may capture sensitive data.
}