Add API_GW_ACCESS_LOGGING_ENABLED rule #382

Open
bmorrissirromb opened this issue Jan 6, 2022 · 0 comments

#####################################
##           Gherkin               ##
#####################################
Rule Name:
    API_GW_ACCESS_LOGGING_ENABLED
Description:
  Checks that methods in an Amazon API Gateway stage for deployed APIs have 'loggingLevel' as one of the values specified in the rule parameter 'loggingLevel'. The rule returns NON_COMPLIANT if any method in a stage has 'loggingLevel' set to a value not matching any of the logging levels specified in the rule parameter.
Trigger:
  Configuration Change on AWS::ApiGateway::Stage or AWS::ApiGatewayV2::Stage
Reports on:
  AWS::ApiGateway::Stage or AWS::ApiGatewayV2::Stage
Rule Parameters:
  None
Scenarios:
  Scenario: 1
    Given: In the Stage configuration item, 'AccessLogSetting' (APIGWv1) or 'AccessLogSettings' (APIGWv2) is defined.
     Then: Return COMPLIANT
  Scenario: 2
    Given: In the Stage configuration item, neither 'AccessLogSetting' (APIGWv1) nor 'AccessLogSettings' (APIGWv2) is defined.
     Then: Return NON_COMPLIANT
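
The two scenarios above, written out as an added Python example (not code from this issue or from the project). The attribute names come from the issue text; their exact casing inside a recorded configuration item, the treatment of an empty value as "not defined", and the NOT_APPLICABLE branches are assumptions, and the sample items are constructed.

```python
# Added example: evaluates the issue's two scenarios against constructed
# AWS Config configuration items. Not the project's rule implementation.

# Attribute names as written in the issue. Their casing in a real
# configuration item is an assumption, so the lookup ignores case.
ACCESS_LOG_KEY = {
    "AWS::ApiGateway::Stage": "AccessLogSetting",
    "AWS::ApiGatewayV2::Stage": "AccessLogSettings",
}


def evaluate_stage(configuration_item):
    """Return COMPLIANT, NON_COMPLIANT or NOT_APPLICABLE for one stage."""
    wanted = ACCESS_LOG_KEY.get(configuration_item.get("resourceType"))
    if wanted is None:
        return "NOT_APPLICABLE"  # assumption: other resource types are skipped
    if configuration_item.get("configurationItemStatus") == "ResourceDeleted":
        return "NOT_APPLICABLE"  # assumption: deleted stages are skipped
    configuration = configuration_item.get("configuration") or {}
    for key, value in configuration.items():
        if key.lower() == wanted.lower():
            # Assumption: a null or empty value counts as "not defined".
            return "COMPLIANT" if value else "NON_COMPLIANT"
    return "NON_COMPLIANT"  # Scenario 2: attribute absent


# Constructed sample items (account id and log group names are placeholders).
LOG_ARN = "arn:aws:logs:us-east-1:111122223333:log-group:example-access-logs"
SAMPLES = {
    "v1-logged": {"resourceType": "AWS::ApiGateway::Stage",
                  "configuration": {"stageName": "prod",
                                    "accessLogSetting": {"destinationArn": LOG_ARN}}},
    "v1-unlogged": {"resourceType": "AWS::ApiGateway::Stage",
                    "configuration": {"stageName": "dev"}},
    "v2-logged": {"resourceType": "AWS::ApiGatewayV2::Stage",
                  "configuration": {"AccessLogSettings": {"DestinationArn": LOG_ARN}}},
    "v2-empty": {"resourceType": "AWS::ApiGatewayV2::Stage",
                 "configuration": {"AccessLogSettings": {}}},
    "v1-deleted": {"resourceType": "AWS::ApiGateway::Stage",
                   "configurationItemStatus": "ResourceDeleted",
                   "configuration": None},
}


def evaluate_samples():
    """Map each constructed sample name to its compliance result."""
    return {name: evaluate_stage(item) for name, item in SAMPLES.items()}


if __name__ == "__main__":
    for name, result in evaluate_samples().items():
        print(f"{name}: {result}")
```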