How to save response and request body from api gateway to s3?

0

I have an Api Gateway with different integrations: lambda proxy, sagemaker, and elastic load balancer. What I want is to automatically catch request body, and response body, and send them to s3. My first approach was to configure a custom access logging to the methods I want and send to s3 through kinesis firehose; however with this approach the only information accessible were $context variables, and I need the request body and response body for auditing and monitoring purposes. My second approach was to enable Full request and response logs, create a subscription filter and send response body and request to s3 through kinesis firehose, this would work; however due to Api Gateway limits, if response and request body length surpass 1024 bytes, they will be truncated by API Gateway before submission to CloudWatch Logs.

Is there is another way to accomplish this task ? or is simply not possible to catch every request and response information directly from Api Gateway and the only way is to implement another service that receive the information from each one of my integrations and send it to s3?

1 Answer
1

Hi,

I don't think so. As you mention, API Gateway limits log events to 1024 bytes and greater events are truncated before submission to CloudWatch logs, so, either you centralize it in a proxy (Cost and latency must be considered), or you implement it in the service itself.

On the other hand, I recommend you be careful with full request and response logs on production APIs, since could contain sensitive data.

profile picture
EXPERT
answered 9 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions