The aws:apigateway/methodSettings:MethodSettings resource, part of the Pulumi AWS provider, configures CloudWatch logging, metrics, and data tracing for individual API Gateway methods or entire stages. This guide focuses on two capabilities: CloudWatch logging levels and metrics/data tracing toggles.
Method settings apply to existing REST APIs and stages. The examples are intentionally small. Combine them with your own API Gateway infrastructure and IAM roles for CloudWatch access.
Disable CloudWatch logging for a method
High-volume endpoints or methods handling sensitive data often need logging disabled to reduce costs or prevent data exposure.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const pathSpecific = new aws.apigateway.MethodSettings("path_specific", {
restApi: example.id,
stageName: exampleAwsApiGatewayStage.stageName,
methodPath: "path1/GET",
settings: {
loggingLevel: "OFF",
},
});
import pulumi
import pulumi_aws as aws
path_specific = aws.apigateway.MethodSettings("path_specific",
rest_api=example["id"],
stage_name=example_aws_api_gateway_stage["stageName"],
method_path="path1/GET",
settings={
"logging_level": "OFF",
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/apigateway"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := apigateway.NewMethodSettings(ctx, "path_specific", &apigateway.MethodSettingsArgs{
RestApi: pulumi.Any(example.Id),
StageName: pulumi.Any(exampleAwsApiGatewayStage.StageName),
MethodPath: pulumi.String("path1/GET"),
Settings: &apigateway.MethodSettingsSettingsArgs{
LoggingLevel: pulumi.String("OFF"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var pathSpecific = new Aws.ApiGateway.MethodSettings("path_specific", new()
{
RestApi = example.Id,
StageName = exampleAwsApiGatewayStage.StageName,
MethodPath = "path1/GET",
Settings = new Aws.ApiGateway.Inputs.MethodSettingsSettingsArgs
{
LoggingLevel = "OFF",
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.apigateway.MethodSettings;
import com.pulumi.aws.apigateway.MethodSettingsArgs;
import com.pulumi.aws.apigateway.inputs.MethodSettingsSettingsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var pathSpecific = new MethodSettings("pathSpecific", MethodSettingsArgs.builder()
.restApi(example.id())
.stageName(exampleAwsApiGatewayStage.stageName())
.methodPath("path1/GET")
.settings(MethodSettingsSettingsArgs.builder()
.loggingLevel("OFF")
.build())
.build());
}
}
resources:
pathSpecific:
type: aws:apigateway:MethodSettings
name: path_specific
properties:
restApi: ${example.id}
stageName: ${exampleAwsApiGatewayStage.stageName}
methodPath: path1/GET
settings:
loggingLevel: OFF
The loggingLevel property set to “OFF” disables CloudWatch logging entirely for this method. The methodPath targets a specific resource and HTTP verb combination (format: “resource_path/HTTP_METHOD”).
Log errors and enable CloudWatch metrics
Production APIs typically track errors and performance without the storage costs of full request logging.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const pathSpecific = new aws.apigateway.MethodSettings("path_specific", {
restApi: example.id,
stageName: exampleAwsApiGatewayStage.stageName,
methodPath: "path1/GET",
settings: {
loggingLevel: "ERROR",
metricsEnabled: true,
dataTraceEnabled: false,
},
});
import pulumi
import pulumi_aws as aws
path_specific = aws.apigateway.MethodSettings("path_specific",
rest_api=example["id"],
stage_name=example_aws_api_gateway_stage["stageName"],
method_path="path1/GET",
settings={
"logging_level": "ERROR",
"metrics_enabled": True,
"data_trace_enabled": False,
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/apigateway"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := apigateway.NewMethodSettings(ctx, "path_specific", &apigateway.MethodSettingsArgs{
RestApi: pulumi.Any(example.Id),
StageName: pulumi.Any(exampleAwsApiGatewayStage.StageName),
MethodPath: pulumi.String("path1/GET"),
Settings: &apigateway.MethodSettingsSettingsArgs{
LoggingLevel: pulumi.String("ERROR"),
MetricsEnabled: pulumi.Bool(true),
DataTraceEnabled: pulumi.Bool(false),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var pathSpecific = new Aws.ApiGateway.MethodSettings("path_specific", new()
{
RestApi = example.Id,
StageName = exampleAwsApiGatewayStage.StageName,
MethodPath = "path1/GET",
Settings = new Aws.ApiGateway.Inputs.MethodSettingsSettingsArgs
{
LoggingLevel = "ERROR",
MetricsEnabled = true,
DataTraceEnabled = false,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.apigateway.MethodSettings;
import com.pulumi.aws.apigateway.MethodSettingsArgs;
import com.pulumi.aws.apigateway.inputs.MethodSettingsSettingsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var pathSpecific = new MethodSettings("pathSpecific", MethodSettingsArgs.builder()
.restApi(example.id())
.stageName(exampleAwsApiGatewayStage.stageName())
.methodPath("path1/GET")
.settings(MethodSettingsSettingsArgs.builder()
.loggingLevel("ERROR")
.metricsEnabled(true)
.dataTraceEnabled(false)
.build())
.build());
}
}
resources:
pathSpecific:
type: aws:apigateway:MethodSettings
name: path_specific
properties:
restApi: ${example.id}
stageName: ${exampleAwsApiGatewayStage.stageName}
methodPath: path1/GET
settings:
loggingLevel: ERROR
metricsEnabled: true
dataTraceEnabled: false
Setting loggingLevel to “ERROR” captures only failed requests. The metricsEnabled property sends latency and request count data to CloudWatch. Setting dataTraceEnabled to false prevents logging request and response bodies, reducing storage costs while maintaining error visibility.
Capture informational logs without request bodies
Debugging workflows often need request metadata and timing without full payload capture.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const pathSpecific = new aws.apigateway.MethodSettings("path_specific", {
restApi: example.id,
stageName: exampleAwsApiGatewayStage.stageName,
methodPath: "path1/GET",
settings: {
loggingLevel: "INFO",
metricsEnabled: true,
dataTraceEnabled: false,
},
});
import pulumi
import pulumi_aws as aws
path_specific = aws.apigateway.MethodSettings("path_specific",
rest_api=example["id"],
stage_name=example_aws_api_gateway_stage["stageName"],
method_path="path1/GET",
settings={
"logging_level": "INFO",
"metrics_enabled": True,
"data_trace_enabled": False,
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/apigateway"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := apigateway.NewMethodSettings(ctx, "path_specific", &apigateway.MethodSettingsArgs{
RestApi: pulumi.Any(example.Id),
StageName: pulumi.Any(exampleAwsApiGatewayStage.StageName),
MethodPath: pulumi.String("path1/GET"),
Settings: &apigateway.MethodSettingsSettingsArgs{
LoggingLevel: pulumi.String("INFO"),
MetricsEnabled: pulumi.Bool(true),
DataTraceEnabled: pulumi.Bool(false),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var pathSpecific = new Aws.ApiGateway.MethodSettings("path_specific", new()
{
RestApi = example.Id,
StageName = exampleAwsApiGatewayStage.StageName,
MethodPath = "path1/GET",
Settings = new Aws.ApiGateway.Inputs.MethodSettingsSettingsArgs
{
LoggingLevel = "INFO",
MetricsEnabled = true,
DataTraceEnabled = false,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.apigateway.MethodSettings;
import com.pulumi.aws.apigateway.MethodSettingsArgs;
import com.pulumi.aws.apigateway.inputs.MethodSettingsSettingsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var pathSpecific = new MethodSettings("pathSpecific", MethodSettingsArgs.builder()
.restApi(example.id())
.stageName(exampleAwsApiGatewayStage.stageName())
.methodPath("path1/GET")
.settings(MethodSettingsSettingsArgs.builder()
.loggingLevel("INFO")
.metricsEnabled(true)
.dataTraceEnabled(false)
.build())
.build());
}
}
resources:
pathSpecific:
type: aws:apigateway:MethodSettings
name: path_specific
properties:
restApi: ${example.id}
stageName: ${exampleAwsApiGatewayStage.stageName}
methodPath: path1/GET
settings:
loggingLevel: INFO
metricsEnabled: true
dataTraceEnabled: false
The “INFO” logging level captures request metadata, headers, and timing information. With dataTraceEnabled still false, you get visibility into request flow without storing potentially large or sensitive payloads.
Enable full request and response tracing
Troubleshooting integration issues requires complete visibility into what API Gateway sends and receives.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const pathSpecific = new aws.apigateway.MethodSettings("path_specific", {
restApi: example.id,
stageName: exampleAwsApiGatewayStage.stageName,
methodPath: "path1/GET",
settings: {
loggingLevel: "INFO",
metricsEnabled: true,
dataTraceEnabled: true,
},
});
import pulumi
import pulumi_aws as aws
path_specific = aws.apigateway.MethodSettings("path_specific",
rest_api=example["id"],
stage_name=example_aws_api_gateway_stage["stageName"],
method_path="path1/GET",
settings={
"logging_level": "INFO",
"metrics_enabled": True,
"data_trace_enabled": True,
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/apigateway"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := apigateway.NewMethodSettings(ctx, "path_specific", &apigateway.MethodSettingsArgs{
RestApi: pulumi.Any(example.Id),
StageName: pulumi.Any(exampleAwsApiGatewayStage.StageName),
MethodPath: pulumi.String("path1/GET"),
Settings: &apigateway.MethodSettingsSettingsArgs{
LoggingLevel: pulumi.String("INFO"),
MetricsEnabled: pulumi.Bool(true),
DataTraceEnabled: pulumi.Bool(true),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var pathSpecific = new Aws.ApiGateway.MethodSettings("path_specific", new()
{
RestApi = example.Id,
StageName = exampleAwsApiGatewayStage.StageName,
MethodPath = "path1/GET",
Settings = new Aws.ApiGateway.Inputs.MethodSettingsSettingsArgs
{
LoggingLevel = "INFO",
MetricsEnabled = true,
DataTraceEnabled = true,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.apigateway.MethodSettings;
import com.pulumi.aws.apigateway.MethodSettingsArgs;
import com.pulumi.aws.apigateway.inputs.MethodSettingsSettingsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var pathSpecific = new MethodSettings("pathSpecific", MethodSettingsArgs.builder()
.restApi(example.id())
.stageName(exampleAwsApiGatewayStage.stageName())
.methodPath("path1/GET")
.settings(MethodSettingsSettingsArgs.builder()
.loggingLevel("INFO")
.metricsEnabled(true)
.dataTraceEnabled(true)
.build())
.build());
}
}
resources:
pathSpecific:
type: aws:apigateway:MethodSettings
name: path_specific
properties:
restApi: ${example.id}
stageName: ${exampleAwsApiGatewayStage.stageName}
methodPath: path1/GET
settings:
loggingLevel: INFO
metricsEnabled: true
dataTraceEnabled: true
Setting dataTraceEnabled to true logs complete request and response bodies alongside the “INFO” level metadata. This configuration provides maximum observability but generates the highest CloudWatch Logs storage costs.
Beyond these examples
These snippets focus on specific method settings features: CloudWatch logging levels and metrics and data tracing. They’re intentionally minimal rather than complete API configurations.
The examples reference pre-existing infrastructure such as REST APIs with deployed stages and API methods at specific resource paths. They focus on configuring observability rather than building the API itself.
To keep things focused, common method settings patterns are omitted, including:
- Wildcard method paths (/) for stage-wide settings
- Throttling and caching configuration
- Custom access logging formats
These omissions are intentional: the goal is to illustrate how each logging and metrics feature is wired, not provide drop-in API modules. See the API Gateway MethodSettings resource reference for all available configuration options.
Let's configure AWS API Gateway Method Settings
Get started with Pulumi Cloud, then follow our quick setup guide to deploy this infrastructure.
Try Pulumi Cloud for FREEFrequently Asked Questions
Resource Lifecycle & Deployment
Should I use aws.apigateway.Stage or aws.apigateway.Deployment for managing stages?
Use
aws.apigateway.Stage instead of aws.apigateway.Deployment with the stageName argument. Stages managed by aws.apigateway.Deployment are recreated on redeployment, requiring a second apply to recreate method settings.Why do my method settings require a second apply after deployment?
This happens when using
aws.apigateway.Deployment with stageName. The stage gets recreated on redeployment, destroying the method settings. Switch to aws.apigateway.Stage to avoid this issue.Logging & Monitoring Configuration
What logging levels can I configure for API Gateway methods?
Three levels are available:
OFF (no logging), ERROR (errors only), and INFO (errors and informational logs).What's the difference between loggingLevel and dataTraceEnabled?
loggingLevel controls CloudWatch log verbosity (OFF/ERROR/INFO), while dataTraceEnabled adds full request and response body logging to the logs.How do I log full request and response data?
Set
loggingLevel to INFO and dataTraceEnabled to true. This captures complete request/response bodies in CloudWatch.Should I enable metrics with logging?
Yes, the examples show
metricsEnabled: true paired with ERROR and INFO logging levels for comprehensive monitoring.Method Path Configuration
How do I apply settings to all methods in a stage?
Use
*/* as the methodPath value to override settings for all methods in the stage.Why should I trim leading slashes from method paths?
Method paths must not have leading forward slashes. Use a function like
trimprefix to remove them from resource paths before constructing the method path.Immutability & Updates
What properties can't I change without replacing the resource?
The
methodPath, restApi, and stageName properties are immutable. Changing any of these requires replacing the resource.Using a different cloud?
Explore integration guides for other cloud providers: