Integrate API Gateway with CloudWatch Logging

AWS API Gateway allows for exposing direct, programmatic access to your application. Understanding what calls are being made and as what data is being exposed can better help your understand execution behavior and see where behavior deviates. This also allows for you to better understand if there is data being exposed on particular endpoints where it should not be. This is why enabling CloudWatch logging on your API stages is considered a security best practice. Having a full inventory of all of your API endpoints and seeing what your current logging is and can help with NIST & GDPR compliance.

Audit & Remediation



  • Select the hyperlink of the API that you want to inspect.
  • In the left hand panel, select Stages, then in middle panel select the Version and finally under Logs/Tracing verify the Enable CloudWatch Logs is checked.



  • If this is not checked, check the box and then select the Log level of INFO and then select Log full request/response data.
  • Continue the outlined process in all stages for the specified API endpoint.
  • Continue the outlined process for all API endpoints.
  • Continue the outlined process for all API endpoints in all other regions.
See all certificates in a single place!

Do you want to see all of your ACM certificates in once place for all regions and all accounts?
Login to our online demo to see exactly what this looks like.


Other Key Features


Consolidate your inventory management with consistent and frequent security logs, inventories, and change logs. Dashboard reporting for extensive analytical value.

learn more +

Cost & Usage

Access consolidated capacity, cost, and volume tools in a scaling environment without impacting production or breaking the bank.

learn more +