Background
AWS API gateway lets you create APIs that can scale. In this post, I will show you how to turn on cloud watch logging for your API gateway.
If you do not wish to read the post below you can just view the youtube video that covers the same flow.
How to enable CloudWatch Logs for APIs in API Gateway
I am assuming you already have an API created in API gateway and have deployed it in a stage.
Before you turn on cloud watch logging for your API deployed in a stage you need to provide API gateway a role to provide permission to send logs to cloud watch. To do so first create a role from IAM service for API gateway with permission to send logs to cloud watch. To do so go to IAM and then roles and click on create Role.
Next, select the permission that it shows - the one that allows API gateway to publish logs to cloud watch. Click review and create this role.
Once the role is created open it and copy the role ARN.
Now go to API gateway and go to Settings. Here you should see "CloudWatch log role ARN" field. Paste the copied ARN into this and save.
Once this is set up all that is left is to turn on cloud watch logging for your API. To turn it on go to your stage where your API is deployed. Next, go to the "Logs/tracing" tab and select the checkbox that says "Enable CloudWatch Logs". You can also optionally select "Log full requests/responses data".
Now you can go to Cloud watch -> Logs and see logs corresponding to each stage of your API gateway.
NOTES:
- If you successfully enabled CloudWatch Logs for API Gateway, you will see the entry /aws/apigateway/welcome listed in the Log Groups section of the right pane.
- You might need to redeploy your API after enabling CloudWatch logs from the API Gateway console before your logs are visible in the CloudWatch console.
- Your API will have a Log Group titled API-Gateway-Execution-Logs_api-id/ that contains numerous log streams.