aws-logs: Allow JSON filter patterns to use regex by removing automatic double quotes around pattern strings

[sobesim]

Describe the feature

FilterPattern.stringValue should allow the user to specify if the value input field is a regex string or not.

Use Case

According to CloudWatch filter pattern documentation, regex expressions must be surrounded by %.

I'm trying to use cdk's FilterPattern.stringValue to match a json document.

CDK automatically adds double quotes in the final filter pattern, which prevents Cloudwatch from recognizing any string as a regex pattern. For example:

• Correct: { $.foo = %bar% }
• Incorrect: { $.foo = “%bar%” }, what is produced by CDK and does not match the document : {“foo”:“bar”}

Proposed Solution

Reason for this behavior may be this line: https://github.com/aws/aws-cdk/blob/main/packages/aws-cdk-lib/aws-logs/lib/pattern.ts#L399. Perhaps we need another input to stringValue that allows the user to specify if the input string is a regex pattern or not.

Other Information

No response

Acknowledgements

• I may be able to implement this feature request
• This feature might incur a breaking change

CDK version used

2.144.0

Environment details (OS name and version, etc.)

Linux

[brian-stack]

Also impacted by this issue.

[pahud]

Thank you for the issue report. Please help us prioritize with 👍 and we welcome pull requests.

[jan-xyz]

I created a PR and maybe one of you is willing to also provide some feedback: #30741

[studds]

Is there any workaround for this?

[jan-xyz]

Yes, provide your own function that adds a regex filter pattern, like the one from the PR I linked.

[jan-xyz]

@pahud anything I can do to reopen the PR I made? It was far from abandoned. I requested support weeks ago and never got any response. Honestly, this felt super discouraging and I don't think I will contribute to CDK in the future.

[paulhcsun]

Hi @jan-xyz, apologies for the late response on your PR. I've re-opened and replied on the PR with the information you've requested. Thank you for the contribution!

[JevinAnderson]

Hi @jan-xyz , thanks for raising this! Found this while trying to resolve my own similar problem, and used your solution.

I couldn't comment on the CR, so here are two suggestions:

1. Add a validator. This would be helpful for all users. How many times have we all written code locally that fails once we try it for real? The syntax here could at least be added to a very simple regex, and if the user inputs something forbidden, i.e., a !, they could be directed to this same documentation with a message like, unsupported char, etc...
2. For the comparison variable type, you could enforce the options like so: comparison: '=' | '!='

public static regexValue(jsonField: string, comparison: '=' | '!=', value: string): JsonPattern {
  return new JSONRegexPattern(jsonField, comparison, value);
}

[amrawadk]

@jan-xyz just wanted to say thank you for taking the time to document your solution, it helped me as well.

[jan-xyz]

Nice! I am also planning to still do the remaining work for the integration test. It's just very busy at the moment and I didn't find the time to get to it again.

[prplecake]

@jan-xyz Thanks for the solution!

[jan-xyz]

@paulhcsun I cannot comment on the PR anymore, I finally had the time to pick it up again and added the integration test that was missing. If you have the time, maybe you can check it again?

I only see this:

[jan-xyz]

@JevinAnderson I am not too sure on how to validate the value, I did add the suggested restrictions for the comparison though. That should catch quite a few errors. If you have a suggestion on how to further check the value then let me know.

[paulhcsun]

Hi @jan-xyz, apologies for that inconvenience, I've unlocked the conversation on the PR. Thanks for adding the integ test, I will take a look and leave a review.

[github-actions]

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.