I have lambda function written in golang. I run it through calling HTTP API gateway. It works fine but I would like to see logs written in stderr which are produced by my golang program.
I tried this
aws logs describe-log-groups
but it shows empty array:
{
"logGroups": []
}
Actually, I can see logs only when I invoke lambda function directly without API gateway like this:
aws lambda invoke --function-name $FUNCTION_NAME $output --log-type Tail --query 'LogResult'
the log is printed right after the invoke, in this case.
But it would be even better to see the logs of the lambda function when I call it by HTTP API gateway.
Update 1
I added a log group with name /aws/lambda/$FUNCTION_NAME:
aws logs create-log-group --log-group-name /aws/lambda/$FUNCTION_NAME
And added log stream to it:
aws logs create-log-stream --log-group-name /aws/lambda/$FUNCTION_NAME --log-stream-name /aws/lambda/$FUNCTION_NAME
Then I invoke my lambda function via API to produce some logs. Now checking the logs:
aws logs get-log-events --log-group-name /aws/lambda/$FUNCTION_NAME --log-stream-name /aws/lambda/$FUNCTION_NAME
And get the response:
{
"nextForwardToken": "f/7872383232323",
"events": [],
"nextBackwardToken": "b/8080823092093"
}
So I don't have any events... hmmm...
I checked this log group in console. It's empty there as well.
Update 2
I added CloudWatchFullAccess policy to the role attached to this lambda function:
aws iam attach-role-policy --role-name $roleName \
--policy-arn arn:aws:iam::aws:policy/CloudWatchFullAccess
Called API, rechecked logs, still empty. Interesting that when I list role policies, it shows an empty array. Although, I just set CloudWatchFullAccess above.
aws iam list-role-policies --role-name $roleName
{
"PolicyNames": []
}
