Amazon API Gateway

API Gateway Missing Detailed CloudWatch Metrics

The plug-in monitors API execution, collects and processes the recorded data, and arranges it into readable metrics. By default, the metric data is sent to CloudWatch at an interval of one minute.

Risk Level: Low

Description:  

The plug-in monitors API execution, collects and processes the recorded data, and arranges it into readable metrics. By default, the metric data is sent to CloudWatch at an interval of one minute. CloudWatch works at a more granular level to detect errors and to monitor API stage caching and latency.

About the Service:

API (Application Programming Interface) Gateway is an AWS service that lies between the client and tons of backend services. The actions performed by API Gateway include creating, deploying, and managing RESTful APIs and WebSocket APIs.

Impact: 

The drawback of missing detailed CloudWatch metrics is the inability to act fast and take immediate action on the information these metrics deliver through alarms, which means the latency is increased.

Steps to reproduce:

  1. Sign in to the AWS Management Console.
  2. Navigate to API Gateway dashboard at https://console.aws.amazon.com/apigateway/
  3. Open the API listing page by selecting APIs, present in the left navigation panel.
  4. Choose the API you want to examine.
  5. Select Stages to list the created stages for the selected API, in the API submenu.
  6. Select the stage you want to examine.
  7. Open Stage configuration settings, in the Logs tab, on the API stage editor panel.
  8. Verify the Enable Detailed CloudWatch Metrics setting status.

Steps for remediation:

  1. Sign in to the AWS Management Console.
  2. Navigate to API Gateway dashboard at https://console.aws.amazon.com/apigateway/
  3. Open the API listing page by selecting APIs, present in the left navigation panel.
  4. Choose the API you want to examine.
  5. Select Stages to list the created stages for the selected API, in the API submenu.
  6. Select the stage you want to examine.
  7. Open Stage configuration settings, in the Logs tab, on the API stage editor panel.
  8. Enable the Enable Detailed CloudWatch Metrics setting by checking the checkbox.
  9. Once the changes are saved, the following metrics will be generated by each API method:
    • API calls
    • Latency
    • Integration Latency
    • 4xx and 5xx errors
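
The console check and fix above can also be scripted across every API and stage. The following is an added example, not part of the original page: it assumes a boto3 `apigateway` client for REST APIs, the function names are hypothetical, and the stage data in `SAMPLE_STAGES` is constructed.

```python
# Patch that enables detailed metrics for every method ("*/*") of a stage.
ENABLE_PATCH = [{"op": "replace", "path": "/*/*/metrics/enabled", "value": "true"}]

# Constructed sample in the shape of get_stages()["item"]; names are made up.
SAMPLE_STAGES = [
    {"stageName": "prod", "methodSettings": {"*/*": {"metricsEnabled": True}}},
    {"stageName": "staging", "methodSettings": {"*/*": {"metricsEnabled": False}}},
    {"stageName": "dev", "methodSettings": {}},  # never configured
    {"stageName": "beta", "methodSettings": {
        "*/*": {"metricsEnabled": True},
        "~1orders/GET": {"metricsEnabled": False}}},  # per-method override
]


def audit_stage(stage):
    """Return findings for one stage dict; an empty list means compliant."""
    settings = stage.get("methodSettings") or {}
    findings = []
    if not settings.get("*/*", {}).get("metricsEnabled", False):
        findings.append("*/*: detailed metrics disabled")
    for key in sorted(settings):
        if key != "*/*" and not settings[key].get("metricsEnabled", False):
            findings.append(f"{key}: detailed metrics disabled by override")
    return findings


def audit_stages(stages):
    """Map stage name -> findings for each non-compliant stage."""
    report = {s["stageName"]: audit_stage(s) for s in stages}
    return {name: f for name, f in report.items() if f}


def audit_account(client, remediate=False):
    """Check every REST API reachable by a boto3 'apigateway' client.

    With remediate=True, applies ENABLE_PATCH to the stage default only;
    per-method overrides are reported but left for manual review.
    """
    results = {}
    for page in client.get_paginator("get_rest_apis").paginate():
        for api in page.get("items", []):
            stages = client.get_stages(restApiId=api["id"]).get("item", [])
            for name, findings in audit_stages(stages).items():
                results[(api["id"], name)] = findings
                if remediate and findings[0].startswith("*/*"):
                    client.update_stage(restApiId=api["id"], stageName=name,
                                        patchOperations=ENABLE_PATCH)
    return results
```

Run `audit_account(boto3.client("apigateway"))` with read-only credentials first, and pass `remediate=True` only after reviewing the report.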
