API Gateway X-Ray Should Be Enabled
More Info:
Ensure XRAY is enabled for API GatewayRisk Level
LowAddress
Reliability, Operational Maturity, SecurityCompliance Standards
CBPTriage and Remediation
Check Cause
Using Console
Using Console
- Sign in to the AWS Management Console.
- Navigate to the API Gateway console. You can do this by typing “API Gateway” into the search bar at the top of the console, then selecting “API Gateway” from the dropdown menu.
- In the API Gateway console, select the API you want to check.
- In the settings for the selected API, look for the “Tracing” section. If X-Ray is enabled, there will be a checkmark next to “Enable X-Ray Tracing”. If there is no checkmark, then X-Ray is not enabled for this API.
Using CLI
Using CLI
-
Install and configure AWS CLI: Before you can start using AWS CLI, you need to install it on your local machine and configure it with your AWS account credentials. You can do this by running the following commands:
Installation:
Configuration:You will be prompted to provide your AWS Access Key ID, Secret Access Key, Default region name, and Default output format.
-
List all API Gateways: Use the following AWS CLI command to list all the API Gateways in your AWS account:
This command will return a list of all the REST APIs in your account. Note down the “id” of the API Gateway you want to check.
-
Get API Gateway details: Use the following AWS CLI command to get the details of the specific API Gateway:
Replace "" with the id of the API Gateway you noted down in the previous step. This command will return the details of the API Gateway.
- Check X-Ray tracing: In the output of the previous command, look for the “tracingEnabled” field. If the value of this field is “true”, then X-Ray tracing is enabled for the API Gateway. If the value is “false” or the field is not present, then X-Ray tracing is not enabled.
Using Python
Using Python
-
Install the necessary Python libraries: Before you start, you need to install the AWS SDK for Python (Boto3) in your environment. This can be done using pip:
-
Configure AWS Credentials: You need to configure your AWS credentials. You can configure it in several ways, but the simplest is to use the AWS CLI:
You’ll be prompted to enter your AWS Access Key ID, Secret Access Key, default region name, and default output format.
-
Create a Python script to list all API Gateway and check if X-Ray is enabled:
This script will list all your API Gateways and check if X-Ray is enabled. If it’s enabled, it will print “X-Ray is enabled for API Gateway: ”, otherwise it will print “X-Ray is not enabled for API Gateway: ”.
-
Run the Python script: You can run the Python script using the following command:
This will print the status of X-Ray for all your API Gateways.