[Enhancement]: additional logging_level options for aws api gw to match aws gui options

[susie-idw]

Description

AWS API Gateways offer 4 logging levels in the stage settings:

1. Off
2. Errors only
3. Errors and Info Logs
4. Full request and response logs

Currently, the resource api_gateway_method_settings has options for the first 3 but not the 4th. I'm requesting that the option be added to select "Full request and response logs" in the logging_level argument for the api_gateway_method_settings resource.

Affected Resource(s) and/or Data Source(s)

api_gateway_method_settings

Potential Terraform Configuration

Currently "The available levels are OFF, ERROR, and INFO" for logging_level. I propose "FULL" be added to configure "Full request and response logs".

References

Terraform resource:
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_method_settings

Setting in api gw:

Would you like to implement a fix?

None

[github-actions]

Community Note

Voting for Prioritization

• Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
• Please see our prioritization guide for information on how we prioritize.
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.

[acwwat]

According to the MethodSetting data type in the API reference doc, loggingLevel supports only the three value. However, it seems that the UI's fourth option is referring to the dataTraceEnabled attribute. The first thing that jumped out is that the argument description in the TF doc is the same as the description in the API reference.

With that assumption, I looked at the backend call that the UI makes when saving the stage settings, and I can see that it's changing loggingLevel to INFO and dataTraceEnabled to true per JSON object below.

Based on this, we can assume that the "Full request and response logs" option is the same as setting logging_level to INFO and data_trace_enabled to true. Please validate in your Terraform configuration and report back the results - deploy with these two arguments set appropriately, then validate the setting in the UI.

{
  "patchOperations": [
    {
      "op": "replace",
      "path": "/*/*/metrics/enabled",
      "value": "false"
    },
    {
      "op": "replace",
      "path": "/*/*/logging/loglevel",
      "value": "INFO"
    },
    {
      "op": "replace",
      "path": "/*/*/logging/dataTrace",
      "value": "true"
    },
    {
      "op": "replace",
      "path": "/tracingEnabled",
      "value": "false"
    },
    {
      "op": "remove",
      "path": "/accessLogSettings",
      "value": ""
    }
  ]
}

[acwwat]

Actually the TF doc already have the answer. Refer to the Full Request and Response Logs option in the Full Request and Response Logs section of the resource doc. You also need to set metrics_enabled to true.

[susie-idw]

@acwwat thank you for pointing this out. It works. I tested it with the following code:

resource "aws_api_gateway_rest_api" "example" {
  body = jsonencode({
    openapi = "3.0.1"
    info = {
      title   = "example"
      version = "1.0"
    }
    paths = {
      "/path1" = {
        get = {
          x-amazon-apigateway-integration = {
            httpMethod           = "GET"
            payloadFormatVersion = "1.0"
            type                 = "HTTP_PROXY"
            uri                  = "https://ip-ranges.amazonaws.com/ip-ranges.json"
          }
        }
      }
    }
  })

  name = "example"
}

resource "aws_api_gateway_deployment" "example" {
  rest_api_id = aws_api_gateway_rest_api.example.id

  triggers = {
    redeployment = sha1(jsonencode(aws_api_gateway_rest_api.example.body))
  }

  lifecycle {
    create_before_destroy = true
  }
}

resource "aws_api_gateway_stage" "example" {
  deployment_id = aws_api_gateway_deployment.example.id
  rest_api_id   = aws_api_gateway_rest_api.example.id
  stage_name    = "example"
  xray_tracing_enabled = true
}

resource "aws_api_gateway_method_settings" "all" {
  rest_api_id = aws_api_gateway_rest_api.example.id
  stage_name  = aws_api_gateway_stage.example.stage_name
  method_path = "*/*"

  settings {
    logging_level      = "INFO"
    metrics_enabled    = true
    data_trace_enabled = true
  }
}

As you can see, i was looking for a fourth logging_level option and didn't see the data_trace_enabled (+ logging_level = INFO) combo to achieve this result.

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.