AccessLogField
- class aws_cdk.aws_apigateway.AccessLogField
Bases:
object$context variables that can be used to customize access log pattern.
- ExampleMetadata:
infused
Example:
apigateway.AccessLogFormat.custom(JSON.stringify({ "request_id": apigateway.AccessLogField.context_request_id(), "source_ip": apigateway.AccessLogField.context_identity_source_ip(), "method": apigateway.AccessLogField.context_http_method(), "user_context": { "sub": apigateway.AccessLogField.context_authorizer_claims("sub"), "email": apigateway.AccessLogField.context_authorizer_claims("email") } }))
Static Methods
- classmethod context_account_id()
(deprecated) The API callers AWS account ID.
- Deprecated:
Use
contextCallerAccountIdorcontextOwnerAccountIdinstead- Stability:
deprecated
- Return type:
str
- classmethod context_api_id()
The identifier API Gateway assigns to your API.
- Return type:
str
- classmethod context_authenticate_error()
The error message returned from an authentication attempt.
- Return type:
str
- classmethod context_authenticate_latency()
The authentication latency in ms.
- Return type:
str
- classmethod context_authenticate_status()
The status code returned from an authentication attempt.
- Return type:
str
- classmethod context_authorize_error()
The authorization error message.
- Return type:
str
- classmethod context_authorize_latency()
The authorization latency in ms.
- Return type:
str
- classmethod context_authorize_status()
The status code returned from an authorization attempt.
- Return type:
str
- classmethod context_authorizer(property)
The stringified value of the specified key-value pair of the
contextmap returned from an API Gateway Lambda authorizer function.- Parameters:
property (
str) – key of the context map.- See:
https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-use-lambda-authorizer.html
- Return type:
str
- classmethod context_authorizer_claims(property)
A property of the claims returned from the Amazon Cognito user pool after the method caller is successfully authenticated.
- Parameters:
property (
str) – A property key of the claims.- See:
https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-integrate-with-cognito.html
- Return type:
str
- classmethod context_authorizer_error()
The error message returned from an authorizer.
- Return type:
str
- classmethod context_authorizer_integration_latency()
The authorizer latency in ms.
- Return type:
str
- classmethod context_authorizer_integration_status()
The status code returned from a Lambda authorizer.
- Return type:
str
- classmethod context_authorizer_latency()
The authorizer latency in ms.
- Return type:
str
- classmethod context_authorizer_principal_id()
The principal user identification associated with the token sent by the client and returned from an API Gateway Lambda authorizer (formerly known as a custom authorizer).
- classmethod context_authorizer_request_id()
The AWS endpoint’s request ID.
- Return type:
str
- classmethod context_authorizer_status()
The status code returned from an authorizer.
- Return type:
str
- classmethod context_aws_endpoint_request_id()
The AWS endpoint’s request ID.
- Return type:
str
- classmethod context_caller_account_id()
The API callers AWS account ID.
- Return type:
str
- classmethod context_custom_domain_base_path_matched()
The path for an API mapping that an incoming request matched.
Applicable when a client uses a custom domain name to access an API. For example if a client sends a request to https://api.example.com/v1/orders/1234, and the request matches the API mapping with the path v1/orders, the value is v1/orders.
- classmethod context_domain_name()
The full domain name used to invoke the API.
This should be the same as the incoming
Hostheader.- Return type:
str
- classmethod context_domain_prefix()
The first label of the
$context.domainName. This is often used as a caller/customer identifier.- Return type:
str
- classmethod context_error_message()
A string containing an API Gateway error message.
- Return type:
str
- classmethod context_error_message_string()
The quoted value of $context.error.message, namely “$context.error.message”.
- Return type:
str
- classmethod context_error_response_type()
A type of GatewayResponse.
This variable can only be used for simple variable substitution in a GatewayResponse body-mapping template, which is not processed by the Velocity Template Language engine, and in access logging.
- classmethod context_error_validation_error_string()
A string containing a detailed validation error message.
- Return type:
str
- classmethod context_extended_request_id()
The extended ID that API Gateway assigns to the API request, which contains more useful information for debugging/troubleshooting.
- Return type:
str
- classmethod context_http_method()
The HTTP method used.
Valid values include:
DELETE,GET,HEAD,OPTIONS,PATCH,POST, andPUT.- Return type:
str
- classmethod context_identity_account_id()
The AWS account ID associated with the request.
- Return type:
str
- classmethod context_identity_api_key()
For API methods that require an API key, this variable is the API key associated with the method request.
For methods that don’t require an API key, this variable is
- classmethod context_identity_api_key_id()
The API key ID associated with an API request that requires an API key.
- Return type:
str
- classmethod context_identity_caller()
The principal identifier of the caller making the request.
- Return type:
str
- classmethod context_identity_client_cert_issuner_dn()
The distinguished name of the issuer of the certificate that a client presents.
Present when a client accesses an API by using a custom domain name that has mutual TLS enabled. Present only in access logs if mutual TLS authentication fails.
- Return type:
str
- classmethod context_identity_client_cert_pem()
The PEM-encoded client certificate that the client presented during mutual TLS authentication.
Present when a client accesses an API by using a custom domain name that has mutual TLS enabled. Present only in access logs if mutual TLS authentication fails.
- Return type:
str
- classmethod context_identity_client_cert_serial_number()
The serial number of the certificate.
Present when a client accesses an API by using a custom domain name that has mutual TLS enabled. Present only in access logs if mutual TLS authentication fails.
- Return type:
str
- classmethod context_identity_client_cert_subject_dn()
The distinguished name of the subject of the certificate that a client presents.
Present when a client accesses an API by using a custom domain name that has mutual TLS enabled. Present only in access logs if mutual TLS authentication fails.
- Return type:
str
- classmethod context_identity_client_cert_validity_not_after()
The date after which the certificate is invalid.
Present when a client accesses an API by using a custom domain name that has mutual TLS enabled. Present only in access logs if mutual TLS authentication fails.
- Return type:
str
- classmethod context_identity_client_cert_validity_not_before()
The date before which the certificate is invalid.
Present when a client accesses an API by using a custom domain name that has mutual TLS enabled. Present only in access logs if mutual TLS authentication fails.
- Return type:
str
- classmethod context_identity_cognito_authentication_provider()
The Amazon Cognito authentication provider used by the caller making the request.
Available only if the request was signed with Amazon Cognito credentials.
- See:
https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-identity.html
- Return type:
str
- classmethod context_identity_cognito_authentication_type()
The Amazon Cognito authentication type of the caller making the request.
Available only if the request was signed with Amazon Cognito credentials.
- Return type:
str
- classmethod context_identity_cognito_identity_id()
The Amazon Cognito identity ID of the caller making the request.
Available only if the request was signed with Amazon Cognito credentials.
- Return type:
str
- classmethod context_identity_cognito_identity_pool_id()
The Amazon Cognito identity pool ID of the caller making the request.
Available only if the request was signed with Amazon Cognito credentials.
- Return type:
str
- classmethod context_identity_principal_org_id()
The AWS organization ID.
- Return type:
str
- classmethod context_identity_source_ip()
The source IP address of the TCP connection making the request to API Gateway.
Warning: You should not trust this value if there is any chance that the
X-Forwarded-Forheader could be forged.- Return type:
str
- classmethod context_identity_user()
The principal identifier of the user making the request.
Used in Lambda authorizers.
- classmethod context_identity_user_agent()
The User-Agent header of the API caller.
- Return type:
str
- classmethod context_identity_user_arn()
The Amazon Resource Name (ARN) of the effective user identified after authentication.
- See:
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users.html
- Return type:
str
- classmethod context_integration_error_message()
A string that contains an integration error message.
- Return type:
str
- classmethod context_integration_latency()
The integration latency in ms.
- Return type:
str
- classmethod context_integration_status()
For Lambda proxy integration, this parameter represents the status code returned from AWS Lambda, not from the backend Lambda function.
- Return type:
str
- classmethod context_owner_account_id()
The API owner’s AWS account ID.
- Return type:
str
- classmethod context_path()
The request path.
For example, for a non-proxy request URL of https://{rest-api-id.execute-api.{region}.amazonaws.com/{stage}/root/child, this value is /{stage}/root/child.
- Return type:
str
- classmethod context_protocol()
The request protocol, for example, HTTP/1.1.
- Return type:
str
- classmethod context_request_id()
The ID that API Gateway assigns to the API request.
- Return type:
str
- classmethod context_request_override_header(header_name)
The request header override.
If this parameter is defined, it contains the headers to be used instead of the HTTP Headers that are defined in the Integration Request pane.
- Parameters:
header_name (
str) –- See:
- Return type:
str
- classmethod context_request_override_path(path_name)
The request path override.
If this parameter is defined, it contains the request path to be used instead of the URL Path Parameters that are defined in the Integration Request pane.
- Parameters:
path_name (
str) –- See:
- Return type:
str
- classmethod context_request_override_querystring(querystring_name)
The request query string override.
If this parameter is defined, it contains the request query strings to be used instead of the URL Query String Parameters that are defined in the Integration Request pane.
- Parameters:
querystring_name (
str) –- Return type:
str
- classmethod context_request_time()
The CLF-formatted request time (dd/MMM/yyyy:HH:mm:ss +-hhmm).
- Return type:
str
- classmethod context_request_time_epoch()
The Epoch-formatted request time.
- Return type:
str
- classmethod context_resource_id()
The identifier that API Gateway assigns to your resource.
- Return type:
str
- classmethod context_resource_path()
The path to your resource.
For example, for the non-proxy request URI of
https://{rest-api-id.execute-api.{region}.amazonaws.com/{stage}/root/child, The $context.resourcePath value is/root/child.
- classmethod context_response_latency()
The response latency in ms.
- Return type:
str
- classmethod context_response_length()
The response payload length.
- Return type:
str
- classmethod context_response_override_header(header_name)
The response header override.
If this parameter is defined, it contains the header to be returned instead of the Response header that is defined as the Default mapping in the Integration Response pane.
- Parameters:
header_name (
str) –- See:
- Return type:
str
- classmethod context_response_override_status()
The response status code override.
If this parameter is defined, it contains the status code to be returned instead of the Method response status that is defined as the Default mapping in the Integration Response pane.
- classmethod context_stage()
The deployment stage of the API request (for example,
BetaorProd).- Return type:
str
- classmethod context_status()
The method response status.
- Return type:
str
- classmethod context_waf_error()
The error message returned from AWS WAF.
- Return type:
str
- classmethod context_waf_latency()
The AWS WAF latency in ms.
- Return type:
str
- classmethod context_waf_response_code()
The response received from AWS WAF:
WAF_ALLOWorWAF_BLOCK.Will not be set if the stage is not associated with a web ACL.
- classmethod context_waf_status()
The status code returned from AWS WAF.
- Return type:
str
- classmethod context_webacl_arn()
The complete ARN of the web ACL that is used to decide whether to allow or block the request.
Will not be set if the stage is not associated with a web ACL.
- classmethod context_xray_trace_id()
The trace ID for the X-Ray trace.