Channels
#aws
Title
# aws
g
great-greece-44955
10/03/2022, 3:16 AMHello, could someone please point me to some documentation on configuring API Gateway access logging, including the required role?
l
little-cartoon-10569
10/03/2022, 3:39 AMJust to CloudWatch? https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-logging.html
g
great-greece-44955
10/03/2022, 3:44 AMYes, exactly - to CloudWatch. How can we do this in Pulumi, including setting the required permission on the API Gateway?
l
little-cartoon-10569
10/03/2022, 3:52 AMAll the AWS details are on that page. You don't set any permissions on the APIGateway side, just CloudWatch.
Nope, I have that backwards, my mistake.
You need to add the given managed policy to whatever role you're giving to APIGateway.
You use the Account resource to associate a role with the gateway
There's an example on this page:https://www.pulumi.com/registry/packages/aws/api-docs/apigateway/account/
g
great-greece-44955
10/03/2022, 5:16 AMSo once I have created the user with the required role, how do I associate this account with the API Gateway instance?
I think this is where I was getting stuck on. Is it possible to do this when creating an API Gateway with the AWS Crosswalk API?
l
little-cartoon-10569
10/03/2022, 5:20 AMYou don't need a user for this. You create an instance of the apigateway.Account class.
Not sure about awsx stuff, I'll look it up, onesec.
I can't see API gateway in awsx...
g
great-greece-44955
10/03/2022, 5:23 AMSorry, I meant Account, not user. I the example above, an Account instance named “demo” is created. Do I need to do anything with this to associate it with the API Gateway instance?
l
little-cartoon-10569
10/03/2022, 5:25 AMNo. From the top of the docs page:
Account
Provides a settings of an API Gateway Account. Settings is applied region-wide per provider block.
g
great-greece-44955
10/03/2022, 5:26 AMI see, thanks.