Skip to content

Commit

Permalink
Set API Gateway execution log retention (#6070)
Browse files Browse the repository at this point in the history
  • Loading branch information
@dsotirho-ucsc
dsotirho-ucsc committed Feb 24, 2025
1 parent 13678c7 commit 2fa8f70
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 0 deletions.
11 changes: 11 additions & 0 deletions scripts/import_cloudwatch_log_groups.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,17 @@ def resource(name):
name = resource(k2 + '_lambda')
log_group = '/aws/lambda/' + v2['function_name']
log_groups[name] = log_group
# API Gateway execution log groups
# For these we have to query AWS to get the API Gateway IDs.
api_client = boto3.client('apigateway')
paginator = api_client.get_paginator('get_rest_apis')
for api_page in paginator.paginate():
for api in api_page['items']:
name, stage = config.unqualified_resource_name(api['name'])
if stage == config.deployment_stage:
name = f'{name}_api_execution'
log_group = f"API-Gateway-Execution-Logs_{api['id']}/{stage}"
log_groups[resource(name)] = log_group

log_client = boto3.client('logs')
paginator = log_client.get_paginator('describe_log_groups')
Expand Down
6 changes: 6 additions & 0 deletions terraform/api_gateway.tf.json.template.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -650,6 +650,12 @@ def for_domain(cls, domain):
'name': '/aws/apigateway/' + config.qualified_resource_name(app.name),
'retention_in_days': config.audit_log_retention_days,
},
f'{app.name}_api_execution': {
'name': 'API-Gateway-Execution-Logs_'
'${aws_api_gateway_rest_api.%s.id}'
'/%s' % (app.name, config.main_deployment_stage),
'retention_in_days': config.audit_log_retention_days,
},
**{
f'{resource_name}_lambda': {
'name': f'/aws/lambda/{resource['function_name']}',
Expand Down

0 comments on commit 2fa8f70

Please sign in to comment.