'How to enable Cloudwatch logging for AWS API GW via Cloudformation template

I am trying to enable cloudwatch logs for AWS API Gateway via cloudformation template but it does not enables. I have tried setting up logginglevel to INFO in both Stage description and also Method settings. Any idea on what am I missing?

When I manually enable logging through UI, it works. Not working when I try to enable through cloudformation template as below -

Note: I am just using plain cloudformation template and I have already added role ARN that has permissions to API Gateway in my account to log cloudwatch

TestDeployment:
  Type: AWS::ApiGateway::Deployment
  Properties:
    Description: API Deployment
    RestApiId: testApi
    StageName: 'dev'
    StageDescription:
      Description: Stage - DEV
      LoggingLevel: INFO
      MethodSettings:
        - ResourcePath: "/testresource"
          HttpMethod: "POST"
          LoggingLevel: INFO
aws-api-gatewayapi-gatewayamazon-api-gateway


Solution 1:[1]

Please add MetricsEnabled property in StageDescription to enabled CloudWatch log at stage level. If you want to enable CloudWatch logs at the method level, add MetricsEnabled property in MethodSettigns. In the following example, I have enabled logs in both places.

TestDeployment:
  Type: AWS::ApiGateway::Deployment
  Properties:
    Description: API Deployment
    RestApiId: testApi
    StageName: 'dev'
    StageDescription:
      Description: Stage - DEV
      LoggingLevel: INFO
      MetricsEnabled: True
      MethodSettings:
        - ResourcePath: "/testresource"
          HttpMethod: "POST"
          LoggingLevel: INFO
          MetricsEnabled: True

Solution 2:[2]

Have you already configure API Gateway RestApi to write logs into CloudWatch as describe in AWS documentation : https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-logging.html

Note that you must set permissions for CloudWatch logging.

Solution 3:[3]

UPDATE For APIGatewayV2 - Access Logs only (Execution logs aren't available for http).

The AWS documentation is pretty unclear. After some days of shotgun programming, I found this. Here is a Cloudformation with API Gateway v2 that worked for me:

MyLogGroup:
    Type: AWS::Logs::LogGroup
    Properties:
      LogGroupName: /aws/apigateway/nameOfLogGroupForCloudWatch
      RetentionInDays: 7
MyStage:
    Type: AWS::ApiGatewayV2::Stage
    Properties:
      # Begin CloudWatch
      AccessLogSettings:
        DestinationArn: !GetAtt MyLogGroup.Arn # This points to the log group above
        Format: '{ "requestId": "$context.requestId", "path": "$context.path", "routeKey": "$context.routeKey", "ip": "$context.identity.sourceIp", "requestTime": "$context.requestTime", "httpMethod": "$context.httpMethod","statusCode": $context.status }'

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Swanand Gajendragadkar
Solution 2 NicoM
Solution 3 josh hoegen

Related Questions

Terraform update Route53 DOMAIN NameServers

Terraform update Route53 DOMAIN NameServers

Terraform update Route53 DOMAIN NameServers

Amazon AWS S3 to Force Download Mp3 File instead of Stream It

How to enable terraform module only with a specific workspace

AWS RDS Postgres: WAL_LEVEL not set to 'logical' after changing rds.logical_replication = 1

Use terraform to set up a lambda function triggered by a scheduled event source

Use terraform to set up a lambda function triggered by a scheduled event source

Self stopping EC2 once task complete?

AWS - SWF - Asynchronous method

Why my cloudformation template is over 1 MB?

AWS elastic beanstalk - WARN install EACCES: permission denied, access '/tmp/.npm'

Aws step functions - Resume from failed step function activity instead of starting a new execution

Redirect Elastic Beanstalk URL to domain name

node-lambda - TypeError: handler is not a function