Enabling AWS API Gateway CloudWatch logging

I deployed a new Lamdba with API Gateway, and when I tried turning on the CloudWatch logging for this API Gateway from the console:

… I got this error that I haven’t seen before:

Turns out per the steps on this page, you need to create an IAM role with API Gateway as the Trusted Entity, and attach the managed policy ‘AmazonAPIGatewayPushToCloudWatchLogs’ :

Add the ARN for the role you created to the Settings for the API you are working with here:


Serverless Framework API Gateway CORS config

If you deploy a Serverless Framework Java Lambda to AWS and attempt to call it locally while developing your frontend, you’ll run into a CORS error like this:

Access to XMLHttpRequest at 'https://abc.execute-api.us-west-1.amazonaws.com/some/api' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Posts suggest to set a cors option under the event in your serverless.yaml like this:

  - http:
    path: handlerPath
    method: post
      origin: '*'

… but in current versions of Serverless this results in an error like this:

Serverless:   at 'functions['example'].events[0].httpApi': unrecognized property 'cors'

From this post, it mentions the cors options has moved up into the provider section:

  name: aws
  runtime: java8
  lambdaHashingVersion: 20201221
    cors: true

This is in the docs here.

This works great!

What does this option do? It looks like it sets these options in API Gateway: