https://pulumi.com logo
#aws
Title
# aws
g

great-greece-44955

10/03/2022, 3:16 AM
Hello, could someone please point me to some documentation on configuring API Gateway access logging, including the required role?
l

little-cartoon-10569

10/03/2022, 3:39 AM
g

great-greece-44955

10/03/2022, 3:44 AM
Yes, exactly - to CloudWatch. How can we do this in Pulumi, including setting the required permission on the API Gateway?
l

little-cartoon-10569

10/03/2022, 3:52 AM
All the AWS details are on that page. You don't set any permissions on the APIGateway side, just CloudWatch.
Nope, I have that backwards, my mistake.
You need to add the given managed policy to whatever role you're giving to APIGateway.
You use the Account resource to associate a role with the gateway
g

great-greece-44955

10/03/2022, 5:16 AM
So once I have created the user with the required role, how do I associate this account with the API Gateway instance?
I think this is where I was getting stuck on. Is it possible to do this when creating an API Gateway with the AWS Crosswalk API?
l

little-cartoon-10569

10/03/2022, 5:20 AM
You don't need a user for this. You create an instance of the apigateway.Account class.
Not sure about awsx stuff, I'll look it up, onesec.
I can't see API gateway in awsx...
g

great-greece-44955

10/03/2022, 5:23 AM
Sorry, I meant Account, not user. I the example above, an Account instance named “demo” is created. Do I need to do anything with this to associate it with the API Gateway instance?
l

little-cartoon-10569

10/03/2022, 5:25 AM
No. From the top of the docs page:
Account
Provides a settings of an API Gateway Account. Settings is applied region-wide per provider block.
g

great-greece-44955

10/03/2022, 5:26 AM
I see, thanks.