Ensure Serverless Framework API should have HTTP Access Logging is enabled
Serverless Framework API is a way of creating and managing HTTP APIs with the Serverless Framework.
HTTP Access Logging records information about the requests and responses that pass through your API.
You can enable HTTP Access Logging for your Serverless Framework API by adding a logs property to your provider section in your serverless.yml file.
The logs property can have a httpApi property that specifies the format and destination of the access logs.
One possible reason you should enable HTTP Access Logging for your Serverless Framework API is to gain insight into your serverless application's web traffic and user behavior.
With HTTP Access Logging, you can monitor your API's performance, availability, and security, analyze user trends and preferences, troubleshoot errors and issues, and optimize your code and resources.
Risk Level: medium
Platform: AWS Serverless
Spectral Rule ID: SLFW001
REMEDIATION
In provider.logs.restAPI
, set accessLogging
to true
service: myservice
frameworkVersion: '2'
provider:
name: aws
logs:
restApi:
- accessLogging: false
+ accessLogging: true
Read more:
Updated over 1 year ago