TF 0351 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
SAM HTTP API stages for V1 and V2 should have access logging enabled
| Property | Value |
|---|---|
| Language | |
| Severity | |
| Service | sam |
| Provider | AWS |
| Vulnerability Type | misconfiguration |
Description
API Gateway stages for AWS SAM HTTP APIs are missing access log settings, resulting in a lack of visibility into requests and responses at each stage. Without access logging enabled, critical access details are not recorded for monitoring or auditing.
Impact
The absence of access logs can hinder incident response, forensics, and compliance efforts, making it difficult to detect unauthorized access or misuse. Attackers may exploit this gap to perform malicious actions without detection, increasing the risk of data breaches or service abuse.
Resolution
Enable access logging for the API Gateway stages.
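
The following SAM template fragment is an added example, not taken from this wiki or from the SAM project. It shows an HTTP API stage with no access log settings beside one that writes access logs to a CloudWatch Logs group. The resource names, stage name, retention period and the fields chosen for the log format are assumptions.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31

Resources:
  # Destination for the access log entries (name and retention are assumptions).
  HttpApiAccessLogs:
    Type: AWS::Logs::LogGroup
    Properties:
      RetentionInDays: 90

  # Misconfigured: the stage has no AccessLogSettings, so requests
  # reaching it leave no access log record.
  UnloggedHttpApi:
    Type: AWS::Serverless::HttpApi
    Properties:
      StageName: prod

  # Corrected: AccessLogSettings names a destination and a log format.
  LoggedHttpApi:
    Type: AWS::Serverless::HttpApi
    Properties:
      StageName: prod
      AccessLogSettings:
        DestinationArn: !GetAtt HttpApiAccessLogs.Arn
        # Folded scalar: YAML joins these lines into the single-line
        # JSON format string that API Gateway expects.
        Format: >-
          {"requestId":"$context.requestId",
          "sourceIp":"$context.identity.sourceIp",
          "requestTime":"$context.requestTime",
          "httpMethod":"$context.httpMethod",
          "routeKey":"$context.routeKey",
          "status":"$context.status",
          "protocol":"$context.protocol",
          "responseLength":"$context.responseLength"}
```

Recording the request ID, source IP, route and status gives incident responders enough to correlate a request with downstream logs.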