diff --git a/infrastructure/terraform/components/app/README.md b/infrastructure/terraform/components/app/README.md
index efeeab36c..bb013b8c1 100644
--- a/infrastructure/terraform/components/app/README.md
+++ b/infrastructure/terraform/components/app/README.md
@@ -28,6 +28,7 @@
 | [destination\_vault\_arn](#input\_destination\_vault\_arn) | ARN of the backup vault in the destination account, if this environment should be backed up | `string` | `null` | no |
 | [enable\_amplify\_basic\_auth](#input\_enable\_amplify\_basic\_auth) | Enable a basic set of credentials in the form of a dynamically generated username and password for the amplify app branches. Not intended for production use | `bool` | `true` | no |
 | [enable\_amplify\_branch\_auto\_build](#input\_enable\_amplify\_branch\_auto\_build) | Enable automatic building of branches | `bool` | `false` | no |
+| [enable\_api\_data\_trace](#input\_enable\_api\_data\_trace) | Enable API Gateway data trace logging | `bool` | `false` | no |
 | [enable\_cognito\_built\_in\_idp](#input\_enable\_cognito\_built\_in\_idp) | Enable the use of Cognito as an IDP; CIS2 is preferred | `bool` | `false` | no |
 | [enable\_event\_caching](#input\_enable\_event\_caching) | Enable caching of events to an S3 bucket | `bool` | `true` | no |
 | [environment](#input\_environment) | The name of the tfscaffold environment | `string` | n/a | yes |
diff --git a/infrastructure/terraform/components/app/module_backend_api.tf b/infrastructure/terraform/components/app/module_backend_api.tf
index 15dd60915..d73b5c751 100644
--- a/infrastructure/terraform/components/app/module_backend_api.tf
+++ b/infrastructure/terraform/components/app/module_backend_api.tf
@@ -24,6 +24,7 @@ module "backend_api" {
 letter_suppliers = var.letter_suppliers
 log_destination_arn = local.log_destination_arn
 log_subscription_role_arn = local.acct.log_subscription_role_arn
+ enable_api_data_trace = var.enable_api_data_trace
 email_domain = module.ses.domain
 template_submitted_sender_email_address = "template-submitted@${module.ses.domain}"
diff --git a/infrastructure/terraform/components/app/variables.tf b/infrastructure/terraform/components/app/variables.tf
index 4e8f961fb..f6f54c2bf 100644
--- a/infrastructure/terraform/components/app/variables.tf
+++ b/infrastructure/terraform/components/app/variables.tf
@@ -213,3 +213,9 @@ variable "external_email_domain" {
 default = null
 description = "Externally managed domain used to create an SES identity for sending emails from. Validation DNS records will need to be manually configured in the DNS provider."
 }
+
+variable "enable_api_data_trace" {
+ type = bool
+ description = "Enable API Gateway data trace logging"
+ default = false
+}
diff --git a/infrastructure/terraform/modules/backend-api/README.md b/infrastructure/terraform/modules/backend-api/README.md
index 2197b0c81..cbcdd89a0 100644
--- a/infrastructure/terraform/modules/backend-api/README.md
+++ b/infrastructure/terraform/modules/backend-api/README.md
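Review bot: The description of the new `enable_api_data_trace` variable in components/app/variables.tf does not say what the flag exposes: API Gateway data trace writes full request and response payloads into the execution logs, which is why AWS advises against it on production stages. Anyone flipping this in a tfvars file sees only "Enable API Gateway data trace logging" and has no hint that bodies and headers (possibly credentials or personal data, depending on what this API carries) will land in CloudWatch and in whatever consumes those logs. I would mirror the wording already used for `enable_amplify_basic_auth`, e.g. `description = "Enable API Gateway data trace logging (logs full request/response payloads). Not intended for production use"`. The identical variable added in modules/backend-api/variables.tf and the two README rows should carry the same text.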
@@ -15,6 +15,7 @@ No requirements.
 | [component](#input\_component) | The variable encapsulating the name of this component | `string` | n/a | yes |
 | [csi](#input\_csi) | CSI from the parent component | `string` | n/a | yes |
 | [email\_domain](#input\_email\_domain) | Email domain | `string` | n/a | yes |
+| [enable\_api\_data\_trace](#input\_enable\_api\_data\_trace) | Enable API Gateway data trace logging | `bool` | `false` | no |
 | [enable\_backup](#input\_enable\_backup) | Enable Backups for the DynamoDB table? | `bool` | `true` | no |
 | [environment](#input\_environment) | The name of the tfscaffold environment | `string` | n/a | yes |
 | [function\_s3\_bucket](#input\_function\_s3\_bucket) | Name of S3 bucket to upload lambda artefacts to | `string` | n/a | yes |
diff --git a/infrastructure/terraform/modules/backend-api/api_gateway_method_settings.tf b/infrastructure/terraform/modules/backend-api/api_gateway_method_settings.tf
index d491732e1..a1db71c7f 100644
--- a/infrastructure/terraform/modules/backend-api/api_gateway_method_settings.tf
+++ b/infrastructure/terraform/modules/backend-api/api_gateway_method_settings.tf
@@ -6,6 +6,6 @@ resource "aws_api_gateway_method_settings" "main" {
 settings {
 metrics_enabled = true
 logging_level = "INFO"
- data_trace_enabled = true
+ data_trace_enabled = var.enable_api_data_trace
 }
 }
diff --git a/infrastructure/terraform/modules/backend-api/variables.tf b/infrastructure/terraform/modules/backend-api/variables.tf
index 1c7c82ddc..b7678992f 100644
--- a/infrastructure/terraform/modules/backend-api/variables.tf
+++ b/infrastructure/terraform/modules/backend-api/variables.tf
@@ -139,3 +139,9 @@ variable "sns_topic_arn" {
 description = "SNS topic ARN"
 default = null
 }
+
+variable "enable_api_data_trace" {
+ type = bool
+ description = "Enable API Gateway data trace logging"
+ default = false
+}
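Review bot: In api_gateway_method_settings.tf, switching `data_trace_enabled` to a default-off variable stops new payload capture, but everything logged while it was hard-coded to `true` stays in the existing execution log group until retention expires. The same applies to any destination fed through the module's log subscription, if these logs are forwarded there. Log group retention and the subscription are not visible in this hunk, so it is worth confirming whether the already-captured request/response bodies need purging or a shorter retention in each environment. I would also leave a why-comment on the changed line so the flag is not casually re-enabled, e.g. `# Data trace logs full request/response payloads; keep disabled outside short-lived debugging`. The resource block starts above the hunk, so the stage and method path it applies to cannot be checked from here.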