Hello All, I recently started looking in to severless. So far its very helpful. I was able to deploy API + LAMBDA which works great using cloud formation template. However, now i am trying to enable “Cloud Watch Logs” with “INFO” level logging for API Gateway i deployed. I am using nodeJS. But i am stuck. Please see my serverless.yml. I recently added “resources” section to get the logs enabled but struggling with it to get working. Can anybody please help me.
service: serverless-middleware-getnews
provider:
name: aws
runtime: nodejs4.3
role: arn:aws:iam::2914332239557:role/serverless-lambda-role
deploymentBucket: serverless-bucket
stage: ${opt:stage, self:custom.defaultStage}
profile: ${self:custom.profiles.${self:provider.stage}}
region: us-east-1
environment: ${file(env-vars/${self:custom.stage}.yml)}
memorySize: 1024
timeout: 300
custom:
stage: "${opt:stage, self:provider.stage}"
defaultStage: stage
profiles:
dev: serverless-middleware-news-dev
stage: serverless-middleware-news-stage
prod: serverless-middleware-news-prod
package:
individually: true
exclude:
- .gitignore
- .jshintrc
- .npmignore
- .env
- env-vars/**
- context.json
- event-data/**
- data/**
- deploy.env
- Gruntfile.js
- policy-document.txt
- README.md
functions:
feed:
handler: functions/news.handler
name: serverless-news-${self:provider.stage}
events:
- http:
path: news
method: get
cors: true
resources:
Resources:
Deployment:
DependsOn: "ApiGatewayMethodNewsGet, ApiGatewayMethodNewsOptions"
Type: "AWS::ApiGateway::Deployment"
Properties:
RestApiId:
Ref: "ApiGatewayRestApi"
DeploymentId:
Ref: "NewsDeployment"
StageName: ${self:provider.stage}
MethodSettings:
DataTraceEnabled: true
HttpMethod: "*"
LoggingLevel: INFO
ResourcePath: "/*"
MetricsEnabled: true
1 Like
Hello, anybody any ideas on what i am doing wrong here.
Found the answer. Basically i added a plugin and modified the resource as shown below to do the trick.
service: serverless-middleware-getnews
provider:
name: aws
runtime: nodejs4.3
role: arn:aws:iam::2914332239557:role/serverless-lambda-role
deploymentBucket: serverless-bucket
stage: ${opt:stage, self:custom.defaultStage}
profile: ${self:custom.profiles.${self:provider.stage}}
region: us-east-1
environment: ${file(env-vars/${self:custom.stage}.yml)}
memorySize: 1024
timeout: 300
custom:
stage: "${opt:stage, self:provider.stage}"
defaultStage: stage
profiles:
dev: serverless-middleware-news-dev
stage: serverless-middleware-news-stage
prod: serverless-middleware-news-prod
plugins:
- serverless-plugin-stage-variables
package:
individually: true
exclude:
- .gitignore
- .jshintrc
- .npmignore
- .env
- env-vars/**
- context.json
- event-data/**
- data/**
- deploy.env
- Gruntfile.js
- policy-document.txt
- README.md
functions:
feed:
handler: functions/news.handler
name: serverless-news-${self:provider.stage}
events:
- http:
path: news
method: get
cors: true
resources:
Resources:
ApiGatewayStage:
Type: AWS::ApiGateway::Stage
Properties:
MethodSettings:
- DataTraceEnabled: true
HttpMethod: "*"
LoggingLevel: INFO
ResourcePath: "/*"
MetricsEnabled: true
2 Likes
bill
November 11, 2017, 9:54am
4
VivekMuddasani:
stage
When I followed the setting and add the new resource ApiGatewayStage
, I got this error.
An error occurred: ApiGatewayStage - dev already exists.
Do you know how to fix it?
I didn’t set stage in provider, so it uses the default stage, dev
, do I have to set other name to avoid the error?
update #1
After I remove and deploy again, this issue is gone, now have another:
An error occurred: ApiGatewayStage - CloudWatch Logs role ARN must be set in account settings to enable logging.
But I have set the iamRoleStatements:
iamRoleStatements:
- Effect: Allow
Action:
- cloudwatch:*
- logs:*
Resource:
- "*"
update #2
I have added the role in provider part, but still get same error
role: arn:aws:iam::xxxx:role/serverless-lambda-role
1 Like
joshes
December 7, 2017, 8:41pm
5
2 Likes
bill
December 10, 2017, 4:48am
6
I wrote a detail document on how to enable access logs for api gateway:
@VivekMuddasani
The big problem in your solution is, the role you defined in provider -> role
is used by lambda, not for api gateway.
1 Like
Solution mentioned by “VivekMuddasani” no longer works in version greater than 1.41.0 of the framework. This will be overwritten by the new capability of the framework but unfortunately it will try to create a role for the cw logging which isn’t a good practice in production without having a way to use an existing role…