Skip to content

Commit 0b8e62c

Browse files
SWhyteAnswerSWhyteAnswer
authored
[NDR -110] API Gateway access logs (#323)
* correcting variable errors pre-existing * removing tags * temp reverting typo as var not being set * removing unnecessary stream * depends on * removing depends on * moving cloudwatch to new file * deleting copied cloudwatch * [NDR-102] remove null check * removing access log + execution logs * removing unused cloudwatch module * removing unused cloudwatch resource * log group name chnage * change regex * pr fixes * removing space * [NDR-102] pr fixes * [ndr-102] fix --------- Co-authored-by: Sam Whyte <[email protected]>
1 parent 1854a2d commit 0b8e62c

File tree

5 files changed

+28
-94
lines changed

5 files changed

+28
-94
lines changed

infrastructure/api.tf

Lines changed: 22 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -91,7 +91,28 @@ resource "aws_api_gateway_stage" "ndr_api" {
9191
deployment_id = aws_api_gateway_deployment.ndr_api_deploy.id
9292
rest_api_id = aws_api_gateway_rest_api.ndr_doc_store_api.id
9393
stage_name = var.environment
94-
xray_tracing_enabled = false
94+
xray_tracing_enabled = var.enable_xray_tracing
95+
96+
depends_on = [aws_cloudwatch_log_group.api_gateway_stage]
97+
}
98+
99+
resource "aws_cloudwatch_log_group" "api_gateway_stage" {
100+
# Name must follow this format to allow execution logging
101+
# https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-logging.html
102+
name = "API-Gateway-Execution-Logs_${aws_api_gateway_rest_api.ndr_doc_store_api.id}/${var.environment}"
103+
retention_in_days = 0
104+
}
105+
106+
resource "aws_api_gateway_method_settings" "api_gateway_stage" {
107+
rest_api_id = aws_api_gateway_rest_api.ndr_doc_store_api.id
108+
stage_name = aws_api_gateway_stage.ndr_api.stage_name
109+
method_path = "*/*"
110+
111+
settings {
112+
logging_level = "INFO"
113+
metrics_enabled = true
114+
data_trace_enabled = true
115+
}
95116
}
96117

97118
resource "aws_api_gateway_gateway_response" "unauthorised_response" {

infrastructure/modules/cloudwatch/README.md

Lines changed: 0 additions & 37 deletions
This file was deleted.

infrastructure/modules/cloudwatch/main.tf

Lines changed: 0 additions & 22 deletions
This file was deleted.

infrastructure/modules/cloudwatch/variable.tf

Lines changed: 0 additions & 34 deletions
This file was deleted.

infrastructure/variable.tf

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -217,4 +217,10 @@ variable "cloud_security_console_public_address" {
217217
type = string
218218
default = "0.0.0.0/0"
219219
description = "Using public address to make sure CloudStorageSecurity console is available"
220+
}
221+
222+
variable "enable_xray_tracing" {
223+
description = "Enable AWS X-Ray tracing for the API Gateway stage"
224+
type = bool
225+
default = false
220226
}

0 commit comments

Comments
 (0)