Skip to content

Commit

Permalink
Support optional externally managed cloudwatch log group (#66)
Browse files Browse the repository at this point in the history
  • Loading branch information
@larstobi
larstobi authored Mar 29, 2022
1 parent c242426 commit a7639cb
Show file tree
Hide file tree
Showing 4 changed files with 13 additions and 5 deletions.
4 changes: 3 additions & 1 deletion main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ data "aws_region" "current" {}
# Cloudwatch
# ------------------------------------------------------------------------------
resource "aws_cloudwatch_log_group" "main" {
count = var.log_group_name != "" ? 0 : 1
name = var.name_prefix
retention_in_days = var.log_retention_in_days
tags = var.tags
Expand Down Expand Up @@ -51,6 +52,7 @@ resource "aws_iam_role" "task" {
}

resource "aws_iam_role_policy" "log_agent" {
count = var.log_group_name != "" ? 0 : 1
name = "${var.name_prefix}-log-permissions"
role = aws_iam_role.task.id
policy = data.aws_iam_policy_document.task_permissions.json
Expand Down Expand Up @@ -140,7 +142,7 @@ locals {
task_container_mount_points = concat([for v in var.efs_volumes : { containerPath = v.mount_point, readOnly = v.readOnly, sourceVolume = v.name }], var.mount_points)

log_configuration_options = merge({
"awslogs-group" = aws_cloudwatch_log_group.main.name
"awslogs-group" = var.log_group_name != "" ? var.log_group_name : aws_cloudwatch_log_group.main.0.name,
"awslogs-region" = data.aws_region.current.name
"awslogs-stream-prefix" = "container"
}, local.log_multiline_pattern)
Expand Down
2 changes: 1 addition & 1 deletion outputs.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ output "service_name" {

output "log_group_name" {
description = "The name of the Cloudwatch log group for the task."
value = aws_cloudwatch_log_group.main.name
value = var.log_group_name != "" ? var.log_group_name : aws_cloudwatch_log_group.main.0.name
}

output "desired_count" {
Expand Down
6 changes: 3 additions & 3 deletions policies.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,9 +16,9 @@ data "aws_iam_policy_document" "task_permissions" {
statement {
effect = "Allow"

resources = [
"${aws_cloudwatch_log_group.main.arn}:*",
]
resources = compact([
"${var.log_group_name != "" ? "" : aws_cloudwatch_log_group.main.0.arn}:*",
])

actions = [
"logs:CreateLogStream",
Expand Down
6 changes: 6 additions & 0 deletions variables.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -108,6 +108,12 @@ variable "task_container_environment" {
type = map(string)
}

variable "log_group_name" {
description = "The name of the provided CloudWatch Logs log group to use."
default = ""
type = string
}

variable "log_retention_in_days" {
description = "Number of days the logs will be retained in CloudWatch."
default = 30
Expand Down

0 comments on commit a7639cb

Please sign in to comment.