Ensure that detailed CloudWatch metrics are enabled for all APIs created with AWS API Gateway service in order to monitor API stages caching, latency and detected errors at a more granular level and set alarms accordingly.
This rule can help you with the following compliance standards:
This rule can help you work with the AWS Well-Architected Framework
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
excellence
efficiency
The main benefit of enabling AWS CloudWatch metrics for API stages is getting more granular metric data which can help you to act fast and take immediate actions based on information delivered by these metrics through alarms. For example, if you developed a critical API and you need to be notified sooner when there is a sudden spike in 4xx or 5xx errors, you can set alarms that monitors and triggers on a per minute basis (instead of 5 minute period) using the data gathered by detailed CloudWatch metrics.
Audit
To determine if your API stages have AWS CloudWatch metrics enabled, perform the following:
Remediation / Resolution
To enable detailed CloudWatch metrics for your Amazon API Gateway APIs stages, perform the following actions:
References
- AWS Documentation
- Amazon API Gateway FAQs
- Trace API Management and Invocation
- Monitor API execution with Amazon CloudWatch
- AWS Command Line Interface (CLI) Documentation
- apigateway
- get-rest-apis
- get-stages
- update-stage
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
for and
Get started for FREE
You are auditing:
APIs Detailed CloudWatch Metrics
Risk level: Medium