AWS apigateway documentation change
Summary
Added TLS/cipher suite variables and integration timing metrics
Security assessment
Enhances security visibility through new logging variables for TLS details and integration timing, improving audit capabilities.
Diff
diff --git a/apigateway/latest/developerguide/api-gateway-variables-for-access-logging.md b/apigateway/latest/developerguide/api-gateway-variables-for-access-logging.md index 4c7c8f479..02662568a 100644 --- a//apigateway/latest/developerguide/api-gateway-variables-for-access-logging.md +++ b//apigateway/latest/developerguide/api-gateway-variables-for-access-logging.md @@ -43,0 +44 @@ Calling `$context.authorizer.key` returns the `"value"` string, calling `$contex +`$context.cipherSuite` | The cipher, in IANA format, that is negotiated during the TLS handshake between the client and API Gateway. @@ -80,0 +82 @@ Calling `$context.authorizer.key` returns the `"value"` string, calling `$contex +`$context.integration.responseTransferMode` | The response transfer mode of your integration. This can be either `BUFFERED` or `STREAMED`. @@ -81,0 +84,2 @@ Calling `$context.authorizer.key` returns the `"value"` string, calling `$contex +`$context.integration.timeToAllHeaders` | The time between when API Gateway establishes the integration connection to when it receives all integration response headers from the client. +`$context.integration.timeToFirstContent` | The time between when API Gateway establishes the integration connection to when it receives the first content bytes. @@ -104,0 +109 @@ API Gateway APIs can accept HTTP/2 requests, but API Gateway sends requests to b +`$context.tlsVersion` | The TLS version that is negotiated during the TLS handshake between the client and API Gateway.