adds logs_retention_in_days variable defaulting to 90 days

turnerlabs · Oct 3, 2019 · 69c0365 · 69c0365
1 parent fc1a802
commit 69c0365
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 35 deletions.
diff --git a/env/dev/ecs.tf b/env/dev/ecs.tf
@@ -172,9 +172,14 @@ resource "aws_iam_role_policy_attachment" "ecsTaskExecutionRole_policy" {
   policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy"
 }
 
-resource "aws_cloudwatch_log_group" "logs" {
-  name = "/fargate/service/${var.app}-${var.environment}"
-  retention_in_days = "14"
-  tags = var.tags
+variable "logs_retention_in_days" {
+  type        = number
+  default     = 90
+  description = "Specifies the number of days you want to retain log events"
 }
 
+resource "aws_cloudwatch_log_group" "logs" {
+  name              = "/fargate/service/${var.app}-${var.environment}"
+  retention_in_days = var.logs_retention_in_days
+  tags              = var.tags
+}
diff --git a/env/dev/logs-logzio.tf b/env/dev/logs-logzio.tf
@@ -55,41 +55,39 @@ EOF
 
 #function code from logzio: https://github.com/logzio/cloudwatch-logs-shipper-lambda
 resource "aws_lambda_function" "lambda_logz" {
-function_name    = "${var.app}-${var.environment}-logz"
-description      = "Sends Cloudwatch logs to logz."
-runtime          = "python2.7"
-timeout          = 60
-memory_size      = 512
-role             = aws_iam_role.iam_for_lambda_logz.arn
-handler          = "lambda_function.lambda_handler"
-filename         = "logs-logzio.zip"
-source_code_hash = filebase64sha256("logs-logzio.zip")
+  function_name    = "${var.app}-${var.environment}-logz"
+  description      = "Sends Cloudwatch logs to logz."
+  runtime          = "python2.7"
+  timeout          = 60
+  memory_size      = 512
+  role             = aws_iam_role.iam_for_lambda_logz.arn
+  handler          = "lambda_function.lambda_handler"
+  filename         = "logs-logzio.zip"
+  source_code_hash = filebase64sha256("logs-logzio.zip")
 
-tags = var.tags
+  tags = var.tags
 
-environment {
-variables = {
-TOKEN = var.logz_token
-URL   = var.logz_url
-TYPE  = "elb"
-}
-}
+  environment {
+    variables = {
+      TOKEN = var.logz_token
+      URL   = var.logz_url
+      TYPE  = "elb"
+    }
+  }
 }
 
 resource "aws_lambda_permission" "allow_cloudwatch" {
-statement_id  = "${var.app}-${var.environment}-logz"
-action        = "lambda:InvokeFunction"
-function_name = aws_lambda_function.lambda_logz.arn
-principal     = "logs.${var.region}.amazonaws.com"
-source_arn    = aws_cloudwatch_log_group.logs.arn
+  statement_id  = "${var.app}-${var.environment}-logz"
+  action        = "lambda:InvokeFunction"
+  function_name = aws_lambda_function.lambda_logz.arn
+  principal     = "logs.${var.region}.amazonaws.com"
+  source_arn    = aws_cloudwatch_log_group.logs.arn
 }
 
 resource "aws_cloudwatch_log_subscription_filter" "cloudwatch_lambda_subscription" {
-depends_on      = [aws_lambda_permission.allow_cloudwatch]
-name            = "${var.app}-${var.environment}-logz"
-log_group_name  = aws_cloudwatch_log_group.logs.name
-filter_pattern  = ""
-destination_arn = aws_lambda_function.lambda_logz.arn
-distribution    = "ByLogStream"
+  depends_on      = [aws_lambda_permission.allow_cloudwatch]
+  name            = "${var.app}-${var.environment}-logz"
+  log_group_name  = aws_cloudwatch_log_group.logs.name
+  filter_pattern  = ""
+  destination_arn = aws_lambda_function.lambda_logz.arn
 }
-
diff --git a/env/dev/main.tf b/env/dev/main.tf
@@ -1,5 +1,5 @@
 terraform {
-  required_version = ">= 0.12.0"
+  required_version = ">= 0.12"
 
   backend "s3" {
     region  = "us-east-1"
@@ -45,4 +45,3 @@ output "scale_out" {
 output "aws_profile" {
   value = var.aws_profile
 }
-