Ensure AWS AppSync's logging is enabled
Error: AWS AppSync's logging is disabled
Bridgecrew Policy ID: BC_AWS_GENERAL_169
Checkov Check ID: CKV_AWS_193
Severity: LOW
AWS AppSync's logging is disabled
Description
It is recommended to have a proper logging process for AWS AppSync in order to track configuration changes conducted manually and programmatically and trace back unapproved changes.
Fix - Runtime
Fix - Buildtime
Terraform
resource "aws_appsync_graphql_api" "enabled" {
authentication_type = "API_KEY"
name = "example"
log_config {
cloudwatch_logs_role_arn = "aws_iam_role.example.arn"
field_log_level = "ERROR"
}
}
Updated 11 months ago