diff --git a/infra/docker/api/api.conf b/infra/docker/api/api.conf
index a5fe90656b..bc9a2add74 100644
--- a/infra/docker/api/api.conf
+++ b/infra/docker/api/api.conf
@@ -1,3 +1,9 @@
+map $request_uri $should_log {
+  default 1;
+  # The security group healthcheck endpoint.
+  ~^/healthcheck 0;
+}
+
 server {
   listen 8080;
   listen [::]:8080;
@@ -6,6 +12,8 @@ server {
 
   root /var/www/html/public;
 
+  access_log /dev/stdout main if=$should_log;
+
   # Prevent some browsers from MIME-sniffing the response.
   #
   # This reduces exposure to drive-by download attacks and cross-origin data
diff --git a/infra/docker/internal/internal.conf b/infra/docker/internal/internal.conf
index 9160192a61..2e548de82a 100644
--- a/infra/docker/internal/internal.conf
+++ b/infra/docker/internal/internal.conf
@@ -1,3 +1,9 @@
+map $request_uri $should_log {
+  default 1;
+  # The security group healthcheck endpoint.
+  ~^/healthcheck 0;
+}
+
 # Add Access-Control-Allow-Origin.
 map $sent_http_content_type $cors {
   # Images
@@ -31,6 +37,8 @@ server {
 
   root /var/www/html/public;
 
+  access_log /dev/stdout main if=$should_log;
+
   # Protect website against clickjacking.
   #
   # The example below sends the `X-Frame-Options` response header with the value
diff --git a/infra/docker/selfserve/selfserve.conf b/infra/docker/selfserve/selfserve.conf
index 7342e9738f..22f5fcd6fd 100644
--- a/infra/docker/selfserve/selfserve.conf
+++ b/infra/docker/selfserve/selfserve.conf
@@ -1,3 +1,9 @@
+map $request_uri $should_log {
+  default 1;
+  # The security group healthcheck endpoint.
+  ~^/healthcheck 0;
+}
+
 # Add Access-Control-Allow-Origin.
 map $sent_http_content_type $cors {
   # Images
@@ -31,6 +37,8 @@ server {
 
   root /var/www/html/public;
 
+  access_log /dev/stdout main if=$should_log;
+
   # Protect website against clickjacking.
   #
   # The example below sends the `X-Frame-Options` response header with the value