API Gateway X-Ray tracing is disabled Affecting API Gateway (REST APIs) service in AWS

Snyk CCSS

General / APIs

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Frameworks

CIS-Controls

Snyk ID SNYK-CC-00313
credit Snyk Research Team

Report a new misconfiguration Found a mistake?

Description

Traces will not be collected for this API Gateway, which can impede incident management.

How to fix?

Set the xray_tracing_enabled attribute to true.

Example Configuration

resource "aws_api_gateway_stage" "example" {
  deployment_id = aws_api_gateway_deployment.example.id
  rest_api_id   = aws_api_gateway_rest_api.example.id
  stage_name    = "example"
  xray_tracing_enabled = true
}

Terraform

Resource: aws_api_gateway_stage

References

Amazon API Gateway active tracing support for AWS X-Ray
Setting up AWS X-Ray with API Gateway REST APIs
Understanding AWS X-Ray traces for Amazon API Gateway APIs