Integrate API Gateway with CloudWatch Logging
AWS API Gateway allows for exposing direct, programmatic access to your application. Understanding what calls are being made and as what data is being exposed can better help your understand execution behavior and see where behavior deviates. This also allows for you to better understand if there is data being exposed on particular endpoints where it should not be. This is why enabling CloudWatch logging on your API stages is considered a security best practice. Having a full inventory of all of your API endpoints and seeing what your current logging is and can help with NIST & GDPR compliance.