Description: 

AWS X-Ray helps developers analyze and debug production, distributed applications, such as those built using a microservices architecture. With X-Ray, you can understand how your application and its underlying services are performing to identify and troubleshoot the root cause of performance issues and errors.


Rationale:

You can use AWS X-Ray to trace and analyze user requests as they travel through your Amazon API Gateway REST APIs to the underlying services. API Gateway supports X-Ray tracing for all API Gateway REST API endpoint types: Regional, edge-optimized, and private. You can use X-Ray with Amazon API Gateway in all AWS Regions where X-Ray is available.


Impact:

X-Ray gives you an end-to-end view of an entire request, you can analyze latencies in your APIs and their backend services. You can use an X-Ray service map to view the latency of an entire request and that of the downstream services that are integrated with X-Ray.


Default Value:

There are two modes of tracing for an API Gateway API:

  • Passive: This is the default setting if you have not enabled X-Ray tracing on an API stage. This approach means that the API Gateway API is only traced if X-Ray has been enabled on an upstream service.

  • Active: When an API Gateway API stage has this setting, API Gateway automatically samples API invocation requests, based on the sampling algorithm specified by X-Ray. 

Pre-requisites:

Sign in as admin or IAM user with required permissions

Remediation:

Test Plan:

  1. Login to AWS Management console

  2. Go to the API Gateway console at https://console.aws.amazon.com/apigateway.

  3. In the APIs pane, choose the API, and then choose Stages.

  4. In the Stages pane, choose the name of the stage.

  5. In the Stage Editor pane, choose the Logs/Tracing tab.

  6. Check whether Enable X-Ray Tracing is checked/unchecked.

  7. If unchecked follow the implementation step.


Using AWS CLI: 

To check whether Xray enabled

aws apigateway get-stages
  --region us-east-1
  --rest-api-id <value>
  --query 'item[?(stageName==`<value>`)].tracingEnabled | []'



Implementation steps:

  1. Login to AWS Management console

  2. Go to the API Gateway console at https://console.aws.amazon.com/apigateway.

  3. Click on APIs, in the left navigation pane

  4. Choose the API, and then click on Stages.

  5. In the Stages pane, choose the name of the stage.

  6. In the Stage Editor page, go to the Logs/Tracing tab.

  7. To enable X-Ray tracing, check Enable X-Ray Tracing checkBox under X-Ray Tracing section. Click on Save Changes 

  8. Once you've enabled X-Ray for your API stage, you can use the X-Ray management console to view the traces and service maps.


Using AWS CLI: 

Too enable xray tracing 

aws apigateway update-stage          \
    --rest-api-id {rest-api-id}      \
    --stage-name {stage-name}      \
    --patch-operations op=replace,path=/tracingEnabled,value=true


Backout plan:

  1. Log in to AWS Management console

  2. Go to the API Gateway console at https://console.aws.amazon.com/apigateway.

  3. In the APIs pane, choose the API, and then choose Stages.

  4. In the Stages pane, choose the name of the stage.

  5. In the Stage Editor pane, choose the Logs/Tracing tab.

  6. Uncheck Enable X-Ray Tracing under X-Ray Tracing. Click Save Changes


Using AWS CLI: 

Too disable xray tracing 

aws apigateway update-stage          \
    --rest-api-id {rest-api-id}      \
    --stage-name {stage-name}      \
    --patch-operations op=replace,path=/tracingEnabled,value=false


Notes:

Once you've enabled X-Ray for your API stage, you can use the X-Ray management console to view the traces and service maps

To create an API follow this documentation : Tutorial: Build a REST API with HTTP proxy integration - Amazon API Gateway


References:

Setting up a stage using the API Gateway console - Amazon API Gateway