By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

API Gateway - HTTP API CloudWatch Log Variables

0

Hi, I've build an architecture like below; Enter image description here

As you can see in the architecture, I can successfully return the PrincipalId value via Lambda Authorizer. However, according to the guidance in CloudWatch documentation, I cannot access the principalId value on logs with $context.authorizer.principalId. It comes as "-" continuously. How can I get this data?

Thanks.

Topics
ServerlessComputeFront-End Web & MobileNetworking & Content DeliveryManagement & Governance
Tags
AWS LambdaAmazon API GatewayAmazon CloudWatch
Language
English
Ugur
asked a month ago259 views
2 Answers
0

Make sure that the IAM role associated with your API Gateway has permissions to write to CloudWatch Logs (e.g., the logs:CreateLogGroup, logs:CreateLogStream, and logs:PutLogEvents actions

profile picture
EXPERT
Sedat Salman
answered a month ago
0

Thanks, When I check through IAM, I see that I have the necessary permissions. Logs are below. Only principalId field always "-".

{
    "requestId": "U_wSVhG4l*******",
    "ip": "85.***.**.**",
    "requestTime": "21/Mar/2024:20:09:50 +0000",
    "httpMethod": "GET",
    "routeKey": "ANY /{proxy+}",
    "status": "200",
    "protocol": "HTTP/1.1",
    "responseLength": "87",
    "path": "/***/***/***",
    "reqLatency": "107 ms",
    "resLatency": "109 ms",
    "userAgent": "***",
    "principalId": "-"
}
Ugur
answered a month ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content