- Newest
- Most votes
- Most comments
DataTraceEnabled and LoggingLevel settings in Amazon API Gateway are not mutually exclusive. They serve different purposes and can be configured independently.
DataTraceEnabled is specifically for enabling data trace logging, which can be useful for troubleshooting APIs but may result in logging sensitive data. This setting affects the log entries that are pushed to Amazon CloudWatch Logs.
LoggingLevel, on the other hand, controls the general logging level for the API method. It can be set to OFF, ERROR, or INFO.
If DataTraceEnabled is set to true and LoggingLevel is set to OFF, data tracing will still be on. The DataTraceEnabled setting takes precedence over the LoggingLevel setting for data trace logging specifically.
However, it's important to note that while data tracing will be active, the general logging controlled by LoggingLevel will be turned off. This means you'll get the detailed data trace logs, but you won't receive the standard logs that would be generated at the ERROR or INFO levels.
Keep in mind that enabling data trace logging can have implications for performance and cost, especially in production environments, due to the volume of data it can generate. It's generally recommended to use this feature judiciously, particularly for troubleshooting purposes, and to be cautious about enabling it in production settings where sensitive data might be logged.
Sources
AwsApiGatewayV2RouteSettings - AWS Security Hub
MethodSetting - Amazon API Gateway
The answer provided by AI is incorrect based on my testing. I ended up testing this myself today and the answer is when DataTraceEnabled=true and LoggingLevel=OFF data tracing is not enabled.
Relevant content
- Accepted Answerasked 2 years ago
- Accepted Answerasked 2 years ago
- asked 3 years ago
- AWS OFFICIALUpdated 7 months ago
- AWS OFFICIALUpdated 7 months ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated 2 years ago