TF 0321 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
SAM State machine must have logging enabled
| Property | Value |
|---|---|
| Language | |
| Severity | |
| Service | sam |
| Provider | AWS |
Description
The AWS SAM state machine is configured without logging enabled, preventing the capture of execution details and activity traces. This lack of logging makes it difficult to monitor or debug state machine operations.
Impact
Without logging, suspicious or unauthorized activities within the state machine may go undetected, making incident investigation and compliance auditing challenging and increasing the risk of undetected security breaches.
Resolution
Enable logging on the state machine.
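The following is an added example, not the database's own check: a small Python audit that walks a parsed SAM template and reports every `AWS::Serverless::StateMachine` whose `Logging` block would not produce logs. It assumes "enabled" means a `Level` other than `OFF` plus at least one CloudWatch Logs destination; the template and all resource names are constructed.

```python
# Constructed SAM template (as parsed from JSON/YAML); all names are placeholders.
DEST = [{"CloudWatchLogsLogGroup": {"LogGroupArn": {"Fn::GetAtt": ["FlowLogs", "Arn"]}}}]
SM = "AWS::Serverless::StateMachine"
TEMPLATE = {
    "Transform": "AWS::Serverless-2016-10-31",
    "Resources": {
        "OrdersFlow": {"Type": SM, "Properties": {"DefinitionUri": "flows/orders.asl.json"}},
        "BillingFlow": {"Type": SM, "Properties": {
            "DefinitionUri": "flows/billing.asl.json",
            "Logging": {"Level": "OFF", "Destinations": DEST}}},
        "RetryFlow": {"Type": SM, "Properties": {
            "DefinitionUri": "flows/retry.asl.json",
            "Logging": {"Level": "ERROR", "Destinations": []}}},
        "AuditFlow": {"Type": SM, "Properties": {
            "DefinitionUri": "flows/audit.asl.json",
            "Logging": {"Level": "ALL", "IncludeExecutionData": True, "Destinations": DEST}}},
        "FlowLogs": {"Type": "AWS::Logs::LogGroup", "Properties": {"RetentionInDays": 90}},
    },
}

def logging_finding(props):
    """Return None if logging is enabled (by this example's assumption), else a reason."""
    cfg = props.get("Logging")
    if not isinstance(cfg, dict):
        return "no Logging property"
    # A missing Level behaves as OFF, so a destination alone is not enough.
    if str(cfg.get("Level", "OFF")).upper() == "OFF":
        return "Logging.Level is OFF or unset"
    dests = cfg.get("Destinations") or []
    if not any(isinstance(d, dict)
               and (d.get("CloudWatchLogsLogGroup") or {}).get("LogGroupArn")
               for d in dests):
        return "no CloudWatch Logs destination"
    return None

def unlogged_state_machines(template):
    """Map logical ID -> reason for every SAM state machine without working logging."""
    findings = {}
    for name, res in (template.get("Resources") or {}).items():
        if res.get("Type") == SM:
            reason = logging_finding(res.get("Properties") or {})
            if reason:
                findings[name] = reason
    return findings

if __name__ == "__main__":
    for name, reason in unlogged_state_machines(TEMPLATE).items():
        print(f"{name}: {reason}")
```

`AuditFlow` shows the compliant shape; note that `IncludeExecutionData: true` writes state input and output to the log group, so restrict access to that group if payloads are sensitive.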