By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Is it possible to get the headers in HttpApi Gateway logs?

0

Howdy!

Is it possible to access and log specific header values directly from the HttpApi Gateway to Cloudwatch?

Im using Cloudflare for my DNS and am routing from Cloudflare to my HttpApi Gateway where I have Lambdas firing. My Gateway is logging the ip to Cloudwatch; however, this is the Cloudflare IP, not the original user IP which is a value sent along in the headers.

I am able to get the original users' ip in my Lambda by accessing event.headers['cf-connecting-ip'], but I would like to have my HttpApi Gateway log this to Cloudwatch as well. I've reviewed the documentation and didn't see mention of accessing headers from the HttpApi Gateway.

Here's what my current log template is set up as for my Gateway

{ "requestId":"$context.requestId", "ip": "$context.identity.sourceIp", " "requestTime":"$context.requestTime", "httpMethod":"$context.httpMethod","routeKey":"$context.routeKey", "status":"$context.status","protocol":"$context.protocol", "responseLength":"$context.responseLength"}

Thanks!

Topics
ServerlessComputeFront-End Web & MobileNetworking & Content Delivery
Tags
ServerlessAWS LambdaAmazon API Gateway
Language
English
rePost-User-3260404
asked 2 years ago4766 views
1 Answer
1
Accepted Answer

It doesn't look like it is possible to log header in the API Gateway access log. From the documentation, only the following variables can be logged from API Gateway access logs to Cloudwatch - https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-logging-variables.html

Having said that, it is possible to log the headers in the backend integration lambda.

I used this tutorial https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-dynamo-db.html and just modified the lambda function code to log the event object

const AWS = require("aws-sdk");

const dynamo = new AWS.DynamoDB.DocumentClient();

exports.handler = async (event, context) => { let body; let statusCode = 200; const headers = { "Content-Type": "application/json" }; console.log("#####################") console.log(event) console.log("#####################") try { .....rest of the code

When I called the API from the API Gateway, I do see the headers getting logged in the Cloudwatch logs of the lambda function.

profile pictureAWS
EXPERT
Indranil Banerjee AWS
answered 2 years ago
  • rePost-User-3260404
    2 years ago

    Thank you! I'll go ahead and continue to log the headers at the Lambda level. That should be enough since I am able to get the original user ip from the headers that way.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content