Authorizer function not logging to CloudWatch

0

Greetings.

Full Disclosure - I am still very new to AWS.

For my first AWS project, I am creating a websocket connection between my website and my DynamoDB table. Inasmuch, I have created the tables, a Websocket API, and the supporting Lambda functions. Everything is working great.

I then added a JS Lamba Authorizer function (Node 8.10), and something peculiar is occurring: Within the function, I am using simple console.log statements to help me debug an Unauthorized condition. When I Test the function, the logs appear in CloudWatch. However, when I attempt to make a connection from my website, no logs appear in CloudWatch.

All my other Lambda functions - $connect, $disconnect, and the routing functions - all work normally and output their console.log text to CloudWatch. Only the Authorizer function fails to send logs, and yet when I click on the "Test" button, the logs are sent.

I was thinking that there might be some log settings on the function itself, but I'm not able to locate anything other than this entry in the Developer:

Allow: logs:CreateLogGroup
Allow: logs:CreateLogStream
Allow: logs:DescribeLogGroups
Allow: logs:DescribeLogStreams
Allow: logs:PutLogEvents
Allow: logs:GetLogEvents
Allow: logs:FilterLogEvents

Other than the global log setting in the Websocket API, I can't figure out why all my APIs except the Authorizer will log to CloudWatch.

Has anyone run into something like this before, and if so, what did you do to fix it? If not, can anyone give me a hint as to where I can look to debug this issue?

Thank you.

asked 5 years ago1380 views
1 Answer
0

To answer my own question, the problem was indeed due to the "Unauthorized" problem that I mentioned but thought it has nothing to do with it.

When I setup my authorizer, I set a Lambda Event payload for a custom header, and I had neglected to set that header in my browser session. According to the documentation at https://docs.aws.amazon.com/apigateway/latest/developerguide/configure-api-gateway-lambda-authorization-with-console.html, section 9b, the API Gateway will throw a 401 Unauthorized error without even executing the Lambda function. So that was the source of the problem.

answered 5 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions