Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(core): custom resources deprecate logRetention in favor of logGroup #28783

Merged
merged 4 commits into from
Jan 22, 2024
Merged
Show file tree
Hide file tree
Changes from 2 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 12 additions & 1 deletion packages/aws-cdk-lib/aws-s3-deployment/lib/bucket-deployment.ts
Original file line number Diff line number Diff line change
Expand Up @@ -112,9 +112,17 @@ export interface BucketDeploymentProps {
* The number of days that the lambda function's log events are kept in CloudWatch Logs.
*
* @default logs.RetentionDays.INFINITE
* @deprecated Use logGroup for full control over the custom resource log group
mrgrain marked this conversation as resolved.
Show resolved Hide resolved
*/
readonly logRetention?: logs.RetentionDays;

/**
* The Log Group used for logging of events emitted by the custom resource's lambda function.
*
* @default - a default log group created by AWS Lambda
mrgrain marked this conversation as resolved.
Show resolved Hide resolved
*/
readonly logGroup?: logs.ILogGroup;

/**
* The amount of memory (in MiB) to allocate to the AWS Lambda function which
* replicates the files from the CDK bucket to the destination bucket.
Expand Down Expand Up @@ -336,7 +344,10 @@ export class BucketDeployment extends Construct {
accessPoint,
mountPath,
) : undefined,
logRetention: props.logRetention,
// props.logRetention is deprecated, make sure we only set it if it is actually provided
// otherwise jsii will print warnings even for users that don't use this directly
...(props.logRetention ? { logRetention: props.logRetention } : {}),
logGroup: props.logGroup,
mrgrain marked this conversation as resolved.
Show resolved Hide resolved
});

const handlerRole = handler.role;
Expand Down
18 changes: 13 additions & 5 deletions packages/aws-cdk-lib/custom-resources/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,9 @@ declare const myRole: iam.Role;
const myProvider = new cr.Provider(this, 'MyProvider', {
onEventHandler: onEvent,
isCompleteHandler: isComplete, // optional async "waiter"
logRetention: logs.RetentionDays.ONE_DAY, // default is INFINITE
logGroup: new logs.LogGroup(this, 'MyProviderLogs', {
retention: logs.RetentionDays.ONE_DAY,
}),
role: myRole, // must be assumable by the `lambda.amazonaws.com` service principal
});

Expand Down Expand Up @@ -382,7 +384,9 @@ declare const myRole: iam.Role;
const myProvider = new cr.Provider(this, 'MyProvider', {
onEventHandler: onEvent,
isCompleteHandler: isComplete,
logRetention: logs.RetentionDays.ONE_DAY,
logGroup: new logs.LogGroup(this, 'MyProviderLogs', {
retention: logs.RetentionDays.ONE_DAY,
}),
role: myRole,
providerFunctionName: 'the-lambda-name', // Optional
});
Expand All @@ -404,7 +408,9 @@ const key = new kms.Key(this, 'MyKey');
const myProvider = new cr.Provider(this, 'MyProvider', {
onEventHandler: onEvent,
isCompleteHandler: isComplete,
logRetention: logs.RetentionDays.ONE_DAY,
logGroup: new logs.LogGroup(this, 'MyProviderLogs', {
retention: logs.RetentionDays.ONE_DAY,
}),
role: myRole,
providerFunctionEnvEncryption: key, // Optional
});
Expand Down Expand Up @@ -536,15 +542,17 @@ In both the cases, you will get a synth time error if you attempt to use it in c

### Customizing the Lambda function implementing the custom resource

Use the `role`, `timeout`, `logRetention`, `functionName` and `removalPolicy` properties to customize
Use the `role`, `timeout`, `logGroup`, `functionName` and `removalPolicy` properties to customize
the Lambda function implementing the custom resource:

```ts
declare const myRole: iam.Role;
new cr.AwsCustomResource(this, 'Customized', {
role: myRole, // must be assumable by the `lambda.amazonaws.com` service principal
timeout: Duration.minutes(10), // defaults to 2 minutes
logRetention: logs.RetentionDays.ONE_WEEK, // defaults to never delete logs
logGroup: new logs.LogGroup(this, 'AwsCustomResourceLogs', {
retention: logs.RetentionDays.ONE_DAY,
}),
functionName: 'my-custom-name', // defaults to a CloudFormation generated name
removalPolicy: RemovalPolicy.RETAIN, // defaults to `RemovalPolicy.DESTROY`
policy: cr.AwsCustomResourcePolicy.fromSdkCalls({
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -330,9 +330,17 @@ export interface AwsCustomResourceProps {
* this custom resource are kept in CloudWatch Logs.
*
* @default logs.RetentionDays.INFINITE
* @deprecated Use logGroup for full control over the custom resource log group
*/
readonly logRetention?: logs.RetentionDays;

/**
* The Log Group used for logging of events emitted by the custom resource's lambda function.
*
* @default - a default log group created by AWS Lambda
*/
readonly logGroup?: logs.ILogGroup;

/**
* Whether to install the latest AWS SDK v2.
*
Expand Down Expand Up @@ -450,7 +458,10 @@ export class AwsCustomResource extends Construct implements iam.IGrantable {
lambdaPurpose: 'AWS',
timeout: props.timeout || cdk.Duration.minutes(2),
role: props.role,
logRetention: props.logRetention,
// props.logRetention is deprecated, make sure we only set it if it is actually provided
// otherwise jsii will print warnings even for users that don't use this directly
...(props.logRetention ? { logRetention: props.logRetention } : {}),
logGroup: props.logGroup,
functionName: props.functionName,
vpc: props.vpc,
vpcSubnets: props.vpcSubnets,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -71,9 +71,17 @@ export interface ProviderProps {
* To remove the retention policy, set the value to `INFINITE`.
*
* @default logs.RetentionDays.INFINITE
* @deprecated Use logGroup for full control over the custom resource log group
*/
readonly logRetention?: logs.RetentionDays;

/**
* The Log Group used for logging of events emitted by the custom resource's lambda function.
*
* @default - a default log group created by AWS Lambda
*/
readonly logGroup?: logs.ILogGroup;

/**
* The vpc to provision the lambda functions in.
*
Expand Down Expand Up @@ -153,6 +161,7 @@ export class Provider extends Construct implements ICustomResourceProvider {

private readonly entrypoint: lambda.Function;
private readonly logRetention?: logs.RetentionDays;
private readonly logGroup?: logs.ILogGroup;
private readonly vpc?: ec2.IVpc;
private readonly vpcSubnets?: ec2.SubnetSelection;
private readonly securityGroups?: ec2.ISecurityGroup[];
Expand All @@ -171,6 +180,7 @@ export class Provider extends Construct implements ICustomResourceProvider {
this.isCompleteHandler = props.isCompleteHandler;

this.logRetention = props.logRetention;
this.logGroup = props.logGroup;
this.vpc = props.vpc;
this.vpcSubnets = props.vpcSubnets;
this.securityGroups = props.securityGroups;
Expand Down Expand Up @@ -220,7 +230,10 @@ export class Provider extends Construct implements ICustomResourceProvider {
runtime: lambda.Runtime.NODEJS_18_X,
handler: `framework.${entrypoint}`,
timeout: FRAMEWORK_HANDLER_TIMEOUT,
logRetention: this.logRetention,
// props.logRetention is deprecated, make sure we only set it if it is actually provided
// otherwise jsii will print warnings even for users that don't use this directly
...(this.logRetention ? { logRetention: this.logRetention } : {}),
logGroup: this.logGroup,
vpc: this.vpc,
vpcSubnets: this.vpcSubnets,
securityGroups: this.securityGroups,
Expand Down
Loading