Question 102240 in Amazon Web Sevices Question posted in
The official Amazon Web Services documentation can be found here.

Amazon web services – AWS API Gateway: Cloud Watch logs not working

I am using AWS API Gateway that triggers a Lambda function (integration request type is LAMBDA_PROXY).

I am trying to add logs for the gateway’s activities via Cloud Watch.

After following this documentation, it is still not working.

The log role have the AmazonAPIGatewayPushToCloudWatchLogs permission and is set in the settings tab under CloudWatch log role ARN.

The stage have the following configurations under Logs/Tracing:

enter image description here

The logs group have the following configurations:

enter image description here

I am testing via postman and the Lambda is being triggered normally.

Tags:

2

Answers


  1. Chosen as BEST ANSWER
    0

    The issue was caused by one of the logging role's permission boundaries.

    Configuring the necessary boundaries for my case solved the problem.


  2. 0

    First thing to check, there is a global setting which is placed in Settings from your API Gateway console that you should have checked.

    Check if you have input your IAM Role ARN that have the sufficient permissions into this place yet.

    apigw-cwlogs-settings

    Second thing to check, you should double-check that IAM role trust relationship value. Here is mine:

    {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "",
            "Effect": "Allow",
            "Principal": {
                "Service": "apigateway.amazonaws.com"
            },
            "Action": "sts:AssumeRole"
        }
    ]
}

    Third thing to check, you should re-check your Access Logs format. Try using a sample one to check if it works or not?

    { "requestId":"$context.requestId", 
  "extendedRequestId":"$context.extendedRequestId", 
  "ip": "$context.identity.sourceIp", 
  "caller":"$context.identity.caller", 
  "user":"$context.identity.user", 
  "requestTime":"$context.requestTime", 
  "httpMethod":"$context.httpMethod", 
  "resourcePath":"$context.resourcePath", 
  "status":"$context.status", 
  "protocol":"$context.protocol", 
  "responseLength":"$context.responseLength" 
}

    References:

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search