Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(appsync): add new check appsync_field_level_logging_enabled #5602

Conversation

MarioRgzLpz
Copy link
Member

Context

This control ensures that field-level logging is enabled for AWS AppSync APIs. The control fails if field-level logging is not enabled or is neither ALL nor ERROR.

Enabling field-level logging helps you identify, troubleshoot, and optimize GraphQL queries by providing detailed information about API requests and responses. It is essential for addressing issues and meeting regulatory requirements.

Description

Add new check appsync_field_level_logging_enabled with respective unit tests and metadata.

Checklist

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@MarioRgzLpz MarioRgzLpz requested review from a team as code owners October 31, 2024 14:31
Base automatically changed from PRWLR-4280-create-new-service-app-sync to master November 6, 2024 16:50
@github-actions github-actions bot added the provider/aws Issues/PRs related with the AWS provider label Nov 7, 2024
Copy link
Member

@MrCloudSec MrCloudSec left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You need to get all APIs since this check not only applies to GraphQL APIs.
Please, use the function list_apis to do so.

…ause boto3 does not have a method to check for other types of AppSync APIs and fix typo in graphql_apis
Copy link

codecov bot commented Nov 7, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 89.89%. Comparing base (ce1e9de) to head (7297e8f).
Report is 27 commits behind head on master.

Additional details and impacted files
@@           Coverage Diff           @@
##           master    #5602   +/-   ##
=======================================
  Coverage   89.88%   89.89%           
=======================================
  Files        1120     1123    +3     
  Lines       34760    34800   +40     
=======================================
+ Hits        31245    31284   +39     
- Misses       3515     3516    +1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@MrCloudSec MrCloudSec merged commit f231d8b into master Nov 11, 2024
11 checks passed
@MrCloudSec MrCloudSec deleted the PRWLR-4445-ensure-aws-app-sync-field-level-logging-is-enabled branch November 11, 2024 15:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
provider/aws Issues/PRs related with the AWS provider
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants