class AccessLogField
Language | Type name |
---|---|
![]() | Amazon.CDK.AWS.APIGateway.AccessLogField |
![]() | github.com/aws/aws-cdk-go/awscdk/v2/awsapigateway#AccessLogField |
![]() | software.amazon.awscdk.services.apigateway.AccessLogField |
![]() | aws_cdk.aws_apigateway.AccessLogField |
![]() | aws-cdk-lib » aws_apigateway » AccessLogField |
$context variables that can be used to customize access log pattern.
Example
apigateway.AccessLogFormat.custom(JSON.stringify({
requestId: apigateway.AccessLogField.contextRequestId(),
sourceIp: apigateway.AccessLogField.contextIdentitySourceIp(),
method: apigateway.AccessLogField.contextHttpMethod(),
userContext: {
sub: apigateway.AccessLogField.contextAuthorizerClaims('sub'),
email: apigateway.AccessLogField.contextAuthorizerClaims('email')
}
}))
Initializer
new AccessLogField()
Methods
Name | Description |
---|---|
static context | The API callers AWS account ID. |
static context | The identifier API Gateway assigns to your API. |
static context | The error message returned from an authentication attempt. |
static context | The authentication latency in ms. |
static context | The status code returned from an authentication attempt. |
static context | The authorization error message. |
static context | The authorization latency in ms. |
static context | The status code returned from an authorization attempt. |
static context | The stringified value of the specified key-value pair of the context map returned from an API Gateway Lambda authorizer function. |
static context | A property of the claims returned from the Amazon Cognito user pool after the method caller is successfully authenticated. |
static context | The error message returned from an authorizer. |
static context | The authorizer latency in ms. |
static context | The status code returned from a Lambda authorizer. |
static context | The authorizer latency in ms. |
static context | The principal user identification associated with the token sent by the client and returned from an API Gateway Lambda authorizer (formerly known as a custom authorizer). |
static context | The AWS endpoint's request ID. |
static context | The status code returned from an authorizer. |
static context | The AWS endpoint's request ID. |
static context | The API callers AWS account ID. |
static context | The path for an API mapping that an incoming request matched. |
static context | The full domain name used to invoke the API. |
static context | The first label of the $context.domainName . This is often used as a caller/customer identifier. |
static context | A string containing an API Gateway error message. |
static context | The quoted value of $context.error.message, namely "$context.error.message". |
static context | A type of GatewayResponse. |
static context | A string containing a detailed validation error message. |
static context | The extended ID that API Gateway assigns to the API request, which contains more useful information for debugging/troubleshooting. |
static context | The HTTP method used. |
static context | The AWS account ID associated with the request. |
static context | For API methods that require an API key, this variable is the API key associated with the method request. |
static context | The API key ID associated with an API request that requires an API key. |
static context | The principal identifier of the caller making the request. |
static context | The distinguished name of the issuer of the certificate that a client presents. |
static context | The PEM-encoded client certificate that the client presented during mutual TLS authentication. |
static context | The serial number of the certificate. |
static context | The distinguished name of the subject of the certificate that a client presents. |
static context | The date after which the certificate is invalid. |
static context | The date before which the certificate is invalid. |
static context | The Amazon Cognito authentication provider used by the caller making the request. |
static context | The Amazon Cognito authentication type of the caller making the request. |
static context | The Amazon Cognito identity ID of the caller making the request. |
static context | The Amazon Cognito identity pool ID of the caller making the request. |
static context | The AWS organization ID. |
static context | The source IP address of the TCP connection making the request to API Gateway. |
static context | The principal identifier of the user making the request. |
static context | The User-Agent header of the API caller. |
static context | The Amazon Resource Name (ARN) of the effective user identified after authentication. |
static context | A string that contains an integration error message. |
static context | The integration latency in ms. |
static context | For Lambda proxy integration, this parameter represents the status code returned from AWS Lambda, not from the backend Lambda function. |
static context | The API owner's AWS account ID. |
static context | The request path. |
static context | The request protocol, for example, HTTP/1.1. |
static context | The ID that API Gateway assigns to the API request. |
static context | The request header override. |
static context | The request path override. |
static context | The request query string override. |
static context | The CLF-formatted request time (dd/MMM/yyyy:HH:mm:ss +-hhmm). |
static context | The Epoch-formatted request time. |
static context | The identifier that API Gateway assigns to your resource. |
static context | The path to your resource. |
static context | The response latency in ms. |
static context | The response payload length. |
static context | The response header override. |
static context | The response status code override. |
static context | The deployment stage of the API request (for example, Beta or Prod ). |
static context | The method response status. |
static context | The error message returned from AWS WAF. |
static context | The AWS WAF latency in ms. |
static context | The response received from AWS WAF: WAF_ALLOW or WAF_BLOCK . |
static context | The status code returned from AWS WAF. |
static context | The complete ARN of the web ACL that is used to decide whether to allow or block the request. |
static context | The trace ID for the X-Ray trace. |
static contextAccountId()
public static contextAccountId(): string
⚠️ Deprecated: Use contextCallerAccountId
or contextOwnerAccountId
instead
Returns
string
The API callers AWS account ID.
static contextApiId()
public static contextApiId(): string
Returns
string
The identifier API Gateway assigns to your API.
static contextAuthenticateError()
public static contextAuthenticateError(): string
Returns
string
The error message returned from an authentication attempt.
static contextAuthenticateLatency()
public static contextAuthenticateLatency(): string
Returns
string
The authentication latency in ms.
static contextAuthenticateStatus()
public static contextAuthenticateStatus(): string
Returns
string
The status code returned from an authentication attempt.
static contextAuthorizeError()
public static contextAuthorizeError(): string
Returns
string
The authorization error message.
static contextAuthorizeLatency()
public static contextAuthorizeLatency(): string
Returns
string
The authorization latency in ms.
static contextAuthorizeStatus()
public static contextAuthorizeStatus(): string
Returns
string
The status code returned from an authorization attempt.
static contextAuthorizer(property)
public static contextAuthorizer(property: string): string
Parameters
- property
string
— key of the context map.
Returns
string
The stringified value of the specified key-value pair of the context
map returned from an API Gateway Lambda authorizer function.
static contextAuthorizerClaims(property)
public static contextAuthorizerClaims(property: string): string
Parameters
- property
string
— A property key of the claims.
Returns
string
A property of the claims returned from the Amazon Cognito user pool after the method caller is successfully authenticated.
static contextAuthorizerError()
public static contextAuthorizerError(): string
Returns
string
The error message returned from an authorizer.
static contextAuthorizerIntegrationLatency()
public static contextAuthorizerIntegrationLatency(): string
Returns
string
The authorizer latency in ms.
static contextAuthorizerIntegrationStatus()
public static contextAuthorizerIntegrationStatus(): string
Returns
string
The status code returned from a Lambda authorizer.
static contextAuthorizerLatency()
public static contextAuthorizerLatency(): string
Returns
string
The authorizer latency in ms.
static contextAuthorizerPrincipalId()
public static contextAuthorizerPrincipalId(): string
Returns
string
The principal user identification associated with the token sent by the client and returned from an API Gateway Lambda authorizer (formerly known as a custom authorizer).
static contextAuthorizerRequestId()
public static contextAuthorizerRequestId(): string
Returns
string
The AWS endpoint's request ID.
static contextAuthorizerStatus()
public static contextAuthorizerStatus(): string
Returns
string
The status code returned from an authorizer.
static contextAwsEndpointRequestId()
public static contextAwsEndpointRequestId(): string
Returns
string
The AWS endpoint's request ID.
static contextCallerAccountId()
public static contextCallerAccountId(): string
Returns
string
The API callers AWS account ID.
static contextCustomDomainBasePathMatched()
public static contextCustomDomainBasePathMatched(): string
Returns
string
The path for an API mapping that an incoming request matched.
Applicable when a client uses a custom domain name to access an API. For example if a client sends a request to https://api.example.com/v1/orders/1234, and the request matches the API mapping with the path v1/orders, the value is v1/orders.
static contextDomainName()
public static contextDomainName(): string
Returns
string
The full domain name used to invoke the API.
This should be the same as the incoming Host
header.
static contextDomainPrefix()
public static contextDomainPrefix(): string
Returns
string
The first label of the $context.domainName
. This is often used as a caller/customer identifier.
static contextErrorMessage()
public static contextErrorMessage(): string
Returns
string
A string containing an API Gateway error message.
static contextErrorMessageString()
public static contextErrorMessageString(): string
Returns
string
The quoted value of $context.error.message, namely "$context.error.message".
static contextErrorResponseType()
public static contextErrorResponseType(): string
Returns
string
A type of GatewayResponse.
This variable can only be used for simple variable substitution in a GatewayResponse body-mapping template, which is not processed by the Velocity Template Language engine, and in access logging.
static contextErrorValidationErrorString()
public static contextErrorValidationErrorString(): string
Returns
string
A string containing a detailed validation error message.
static contextExtendedRequestId()
public static contextExtendedRequestId(): string
Returns
string
The extended ID that API Gateway assigns to the API request, which contains more useful information for debugging/troubleshooting.
static contextHttpMethod()
public static contextHttpMethod(): string
Returns
string
The HTTP method used.
Valid values include: DELETE
, GET
, HEAD
, OPTIONS
, PATCH
, POST
, and PUT
.
static contextIdentityAccountId()
public static contextIdentityAccountId(): string
Returns
string
The AWS account ID associated with the request.
static contextIdentityApiKey()
public static contextIdentityApiKey(): string
Returns
string
For API methods that require an API key, this variable is the API key associated with the method request.
For methods that don't require an API key, this variable is
static contextIdentityApiKeyId()
public static contextIdentityApiKeyId(): string
Returns
string
The API key ID associated with an API request that requires an API key.
static contextIdentityCaller()
public static contextIdentityCaller(): string
Returns
string
The principal identifier of the caller making the request.
static contextIdentityClientCertIssunerDN()
public static contextIdentityClientCertIssunerDN(): string
Returns
string
The distinguished name of the issuer of the certificate that a client presents.
Present when a client accesses an API by using a custom domain name that has mutual TLS enabled. Present only in access logs if mutual TLS authentication fails.
static contextIdentityClientCertPem()
public static contextIdentityClientCertPem(): string
Returns
string
The PEM-encoded client certificate that the client presented during mutual TLS authentication.
Present when a client accesses an API by using a custom domain name that has mutual TLS enabled. Present only in access logs if mutual TLS authentication fails.
static contextIdentityClientCertSerialNumber()
public static contextIdentityClientCertSerialNumber(): string
Returns
string
The serial number of the certificate.
Present when a client accesses an API by using a custom domain name that has mutual TLS enabled. Present only in access logs if mutual TLS authentication fails.
static contextIdentityClientCertSubjectDN()
public static contextIdentityClientCertSubjectDN(): string
Returns
string
The distinguished name of the subject of the certificate that a client presents.
Present when a client accesses an API by using a custom domain name that has mutual TLS enabled. Present only in access logs if mutual TLS authentication fails.
static contextIdentityClientCertValidityNotAfter()
public static contextIdentityClientCertValidityNotAfter(): string
Returns
string
The date after which the certificate is invalid.
Present when a client accesses an API by using a custom domain name that has mutual TLS enabled. Present only in access logs if mutual TLS authentication fails.
static contextIdentityClientCertValidityNotBefore()
public static contextIdentityClientCertValidityNotBefore(): string
Returns
string
The date before which the certificate is invalid.
Present when a client accesses an API by using a custom domain name that has mutual TLS enabled. Present only in access logs if mutual TLS authentication fails.
static contextIdentityCognitoAuthenticationProvider()
public static contextIdentityCognitoAuthenticationProvider(): string
Returns
string
The Amazon Cognito authentication provider used by the caller making the request.
Available only if the request was signed with Amazon Cognito credentials.
See also: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-identity.html
static contextIdentityCognitoAuthenticationType()
public static contextIdentityCognitoAuthenticationType(): string
Returns
string
The Amazon Cognito authentication type of the caller making the request.
Available only if the request was signed with Amazon Cognito credentials.
static contextIdentityCognitoIdentityId()
public static contextIdentityCognitoIdentityId(): string
Returns
string
The Amazon Cognito identity ID of the caller making the request.
Available only if the request was signed with Amazon Cognito credentials.
static contextIdentityCognitoIdentityPoolId()
public static contextIdentityCognitoIdentityPoolId(): string
Returns
string
The Amazon Cognito identity pool ID of the caller making the request.
Available only if the request was signed with Amazon Cognito credentials.
static contextIdentityPrincipalOrgId()
public static contextIdentityPrincipalOrgId(): string
Returns
string
The AWS organization ID.
static contextIdentitySourceIp()
public static contextIdentitySourceIp(): string
Returns
string
The source IP address of the TCP connection making the request to API Gateway.
Warning: You should not trust this value if there is any chance that the X-Forwarded-For
header could be forged.
static contextIdentityUser()
public static contextIdentityUser(): string
Returns
string
The principal identifier of the user making the request.
Used in Lambda authorizers.
static contextIdentityUserAgent()
public static contextIdentityUserAgent(): string
Returns
string
The User-Agent header of the API caller.
static contextIdentityUserArn()
public static contextIdentityUserArn(): string
Returns
string
The Amazon Resource Name (ARN) of the effective user identified after authentication.
See also: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users.html
static contextIntegrationErrorMessage()
public static contextIntegrationErrorMessage(): string
Returns
string
A string that contains an integration error message.
static contextIntegrationLatency()
public static contextIntegrationLatency(): string
Returns
string
The integration latency in ms.
static contextIntegrationStatus()
public static contextIntegrationStatus(): string
Returns
string
For Lambda proxy integration, this parameter represents the status code returned from AWS Lambda, not from the backend Lambda function.
static contextOwnerAccountId()
public static contextOwnerAccountId(): string
Returns
string
The API owner's AWS account ID.
static contextPath()
public static contextPath(): string
Returns
string
The request path.
For example, for a non-proxy request URL of https://{rest-api-id.execute-api.{region}.amazonaws.com/{stage}/root/child, this value is /{stage}/root/child.
static contextProtocol()
public static contextProtocol(): string
Returns
string
The request protocol, for example, HTTP/1.1.
static contextRequestId()
public static contextRequestId(): string
Returns
string
The ID that API Gateway assigns to the API request.
static contextRequestOverrideHeader(headerName)
public static contextRequestOverrideHeader(headerName: string): string
Parameters
- headerName
string
Returns
string
The request header override.
If this parameter is defined, it contains the headers to be used instead of the HTTP Headers that are defined in the Integration Request pane.
static contextRequestOverridePath(pathName)
public static contextRequestOverridePath(pathName: string): string
Parameters
- pathName
string
Returns
string
The request path override.
If this parameter is defined, it contains the request path to be used instead of the URL Path Parameters that are defined in the Integration Request pane.
static contextRequestOverrideQuerystring(querystringName)
public static contextRequestOverrideQuerystring(querystringName: string): string
Parameters
- querystringName
string
Returns
string
The request query string override.
If this parameter is defined, it contains the request query strings to be used instead of the URL Query String Parameters that are defined in the Integration Request pane.
static contextRequestTime()
public static contextRequestTime(): string
Returns
string
The CLF-formatted request time (dd/MMM/yyyy:HH:mm:ss +-hhmm).
static contextRequestTimeEpoch()
public static contextRequestTimeEpoch(): string
Returns
string
The Epoch-formatted request time.
static contextResourceId()
public static contextResourceId(): string
Returns
string
The identifier that API Gateway assigns to your resource.
static contextResourcePath()
public static contextResourcePath(): string
Returns
string
The path to your resource.
For example, for the non-proxy request URI of https://{rest-api-id.execute-api.{region}.amazonaws.com/{stage}/root/child
,
The $context.resourcePath value is /root/child
.
static contextResponseLatency()
public static contextResponseLatency(): string
Returns
string
The response latency in ms.
static contextResponseLength()
public static contextResponseLength(): string
Returns
string
The response payload length.
static contextResponseOverrideHeader(headerName)
public static contextResponseOverrideHeader(headerName: string): string
Parameters
- headerName
string
Returns
string
The response header override.
If this parameter is defined, it contains the header to be returned instead of the Response header that is defined as the Default mapping in the Integration Response pane.
static contextResponseOverrideStatus()
public static contextResponseOverrideStatus(): string
Returns
string
The response status code override.
If this parameter is defined, it contains the status code to be returned instead of the Method response status that is defined as the Default mapping in the Integration Response pane.
static contextStage()
public static contextStage(): string
Returns
string
The deployment stage of the API request (for example, Beta
or Prod
).
static contextStatus()
public static contextStatus(): string
Returns
string
The method response status.
static contextWafError()
public static contextWafError(): string
Returns
string
The error message returned from AWS WAF.
static contextWafLatency()
public static contextWafLatency(): string
Returns
string
The AWS WAF latency in ms.
static contextWafResponseCode()
public static contextWafResponseCode(): string
Returns
string
The response received from AWS WAF: WAF_ALLOW
or WAF_BLOCK
.
Will not be set if the stage is not associated with a web ACL.
static contextWafStatus()
public static contextWafStatus(): string
Returns
string
The status code returned from AWS WAF.
static contextWebaclArn()
public static contextWebaclArn(): string
Returns
string
The complete ARN of the web ACL that is used to decide whether to allow or block the request.
Will not be set if the stage is not associated with a web ACL.
static contextXrayTraceId()
public static contextXrayTraceId(): string
Returns
string
The trace ID for the X-Ray trace.